path: root/application
Age | Commit message | Author | Files | Lines
2012-02-19 | Implement CSP for direct file downloads | Florian Pritz | 1 | -0/+3
With this header we tell the browser to ignore javascript, frames and objects which decreases the exploitability of simple html pastes if viewed raw ("<domain>/<id>", without a trailing slash) quite a lot. You can still upload arbitrary files containing javascript code, but the browser will refuse to execute it. References: https://wiki.mozilla.org/Security/CSP/Specification Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19 | encode special chars in some places | Florian Pritz | 2 | -3/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14 | bump geshi to 1.0.8.10 | Florian Pritz | 207 | -497/+11171
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25 | strip base64 decoded file of special chars | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25 | allow client to overwrite filename | Florian Pritz | 1 | -1/+12
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | remove superfluous space | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | uplaod_from: fix feature description for binary files | Florian Pritz | 1 | -1/+1
/ID/plain will work too. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | fix left over mime2extension call and comments | Florian Pritz | 1 | -4/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | only calculate field lengths for cli clients | Florian Pritz | 1 | -5/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | factorise mode detection | Florian Pritz | 1 | -8/+36
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | improve readability of download() | Florian Pritz | 1 | -13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | use the same date for if-modified-since everywhere | Florian Pritz | 1 | -2/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | remove parameter of client() | Florian Pritz | 1 | -4/+4
Parameters of controller functions are treated as url parameter so file/client/0 would also disable the headers. The cli client has empty headers anyway so just check that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | fix missing space on upload_history | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | display more information on delete_form | Florian Pritz | 2 | -5/+39
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18 | add delete icon on upload_history | Florian Pritz | 2 | -0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17 | use perl from PATH and copy markdown.pl to scripts/ | Florian Pritz | 2 | -6/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17 | remove php code from upload_from.js | Florian Pritz | 1 | -1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17 | move JS of upload_form to separate file | Florian Pritz | 1 | -65/+1
The code hardly changes so it should be cached by the browser. This won't work if it's inlined. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17 | use migrations; automatically set up the database | Florian Pritz | 3 | -41/+74
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17 | add short features description to upload_form | Florian Pritz | 1 | -1/+13
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-28 | Merge commit 'v2.1.0' | Florian Pritz | 3 | -4/+46
Conflicts: user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html user_guide/helpers/inflector_helper.html 
user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/images/appflowchart.gif user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_203.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html user_guide/libraries/input.html user_guide/libraries/javascript.html 
user_guide/libraries/language.html user_guide/libraries/loader.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/nav/nav.js user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18 | use full path to perl executable when calling mimetype | Florian Pritz | 1 | -1/+1
Everywhere else we already do it like that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18 | don't display "latest client" link if there is no client | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-05 | fix position of comment | Florian Pritz | 1 | -1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-10-31 | Fix broken <span> at beginning of highlighted diff | Florian Pritz | 1 | -2/+2
If a regex matches on lines that begin with a space, it will create a <span> tag directly at the beginning of the code. The return statement removes the first char which in this case will be "<" so the html tag will be broken and there will be a left over space. If we don't add the space in the first place, we don't have to remove it. This looks like some crazy workaround, so it might cause problems to appear. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-10-31 | fix unified diff highlighting | Florian Pritz | 1 | -0/+9
We shouldn't recolor "ed commands" when they appear in a unified diff. To make this work we have to mark comment lines so the css selector can find them. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-10-27 | Added long missing Migration documentation. | Phil Sturgeon | 1 | -3/+2
2011-10-27 | Fix #537 issue: replace new wav mimetype | Bo-Yi Wu | 1 | -3/+3
2011-10-01 | check if file exists before getting mtime | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-10-01 | add mtime to url for default.css | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-30 | add expire header for css files and append mtime to url | Florian Pritz | 1 | -2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-30 | highlight complete line; not only line number | Florian Pritz | 1 | -0/+29
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-15 | valid_id: bail early if we can't get the file data | Florian Pritz | 1 | -0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-15 | remove unneeded call to filename2extension | Florian Pritz | 1 | -1/+0
mime2extension tells us if the file is text that can be highlit. filename2extension leads to unwanted behaviour if the filename is for example "PKGBUILD", but the file is a binary. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-15 | remove leftover code | Florian Pritz | 1 | -2/+0
do_paste has been removed in b8fb38927fd2cc25f6748cff51b7de94e3082701 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-13 | fix undefined variables in upload_form when using a cli client | Florian Pritz | 1 | -4/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-11 | properly initialize $lengths array | Florian Pritz | 1 | -5/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-11 | add upload_history to front page | Florian Pritz | 1 | -2/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-11 | add upload_history page | Florian Pritz | 4 | -0/+155
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-08 | fix markdown.pl path | Florian Pritz | 1 | -1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-21 | Merge commit 'v2.0.3' into working | Florian Pritz | 6 | -47/+137
Conflicts: .gitignore application/views/welcome_message.php user_guide/changelog.html user_guide/database/active_record.html user_guide/database/caching.html user_guide/database/call_function.html user_guide/database/configuration.html user_guide/database/connecting.html user_guide/database/examples.html user_guide/database/fields.html user_guide/database/forge.html user_guide/database/helpers.html user_guide/database/index.html user_guide/database/queries.html user_guide/database/results.html user_guide/database/table_data.html user_guide/database/transactions.html user_guide/database/utilities.html user_guide/doc_style/index.html user_guide/general/alternative_php.html user_guide/general/ancillary_classes.html user_guide/general/autoloader.html user_guide/general/caching.html user_guide/general/cli.html user_guide/general/common_functions.html user_guide/general/controllers.html user_guide/general/core_classes.html user_guide/general/creating_drivers.html user_guide/general/creating_libraries.html user_guide/general/credits.html user_guide/general/drivers.html user_guide/general/environments.html user_guide/general/errors.html user_guide/general/helpers.html user_guide/general/hooks.html user_guide/general/libraries.html user_guide/general/managing_apps.html user_guide/general/models.html user_guide/general/profiling.html user_guide/general/quick_reference.html user_guide/general/requirements.html user_guide/general/reserved_names.html user_guide/general/routing.html user_guide/general/security.html user_guide/general/styleguide.html user_guide/general/urls.html user_guide/general/views.html user_guide/helpers/array_helper.html user_guide/helpers/captcha_helper.html user_guide/helpers/cookie_helper.html user_guide/helpers/date_helper.html user_guide/helpers/directory_helper.html user_guide/helpers/download_helper.html user_guide/helpers/email_helper.html user_guide/helpers/file_helper.html user_guide/helpers/form_helper.html user_guide/helpers/html_helper.html 
user_guide/helpers/inflector_helper.html user_guide/helpers/language_helper.html user_guide/helpers/number_helper.html user_guide/helpers/path_helper.html user_guide/helpers/security_helper.html user_guide/helpers/smiley_helper.html user_guide/helpers/string_helper.html user_guide/helpers/text_helper.html user_guide/helpers/typography_helper.html user_guide/helpers/url_helper.html user_guide/helpers/xml_helper.html user_guide/index.html user_guide/installation/downloads.html user_guide/installation/index.html user_guide/installation/troubleshooting.html user_guide/installation/upgrade_120.html user_guide/installation/upgrade_130.html user_guide/installation/upgrade_131.html user_guide/installation/upgrade_132.html user_guide/installation/upgrade_133.html user_guide/installation/upgrade_140.html user_guide/installation/upgrade_141.html user_guide/installation/upgrade_150.html user_guide/installation/upgrade_152.html user_guide/installation/upgrade_153.html user_guide/installation/upgrade_154.html user_guide/installation/upgrade_160.html user_guide/installation/upgrade_161.html user_guide/installation/upgrade_162.html user_guide/installation/upgrade_163.html user_guide/installation/upgrade_170.html user_guide/installation/upgrade_171.html user_guide/installation/upgrade_172.html user_guide/installation/upgrade_200.html user_guide/installation/upgrade_201.html user_guide/installation/upgrade_202.html user_guide/installation/upgrade_b11.html user_guide/installation/upgrading.html user_guide/libraries/benchmark.html user_guide/libraries/caching.html user_guide/libraries/calendar.html user_guide/libraries/cart.html user_guide/libraries/config.html user_guide/libraries/email.html user_guide/libraries/encryption.html user_guide/libraries/file_uploading.html user_guide/libraries/form_validation.html user_guide/libraries/ftp.html user_guide/libraries/image_lib.html user_guide/libraries/input.html user_guide/libraries/javascript.html user_guide/libraries/language.html 
user_guide/libraries/loader.html user_guide/libraries/output.html user_guide/libraries/pagination.html user_guide/libraries/parser.html user_guide/libraries/security.html user_guide/libraries/sessions.html user_guide/libraries/table.html user_guide/libraries/trackback.html user_guide/libraries/typography.html user_guide/libraries/unit_testing.html user_guide/libraries/uri.html user_guide/libraries/user_agent.html user_guide/libraries/xmlrpc.html user_guide/libraries/zip.html user_guide/license.html user_guide/nav/nav.js user_guide/overview/appflow.html user_guide/overview/at_a_glance.html user_guide/overview/cheatsheets.html user_guide/overview/features.html user_guide/overview/getting_started.html user_guide/overview/goals.html user_guide/overview/index.html user_guide/overview/mvc.html user_guide/toc.html Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-21 | add htaccess files | Florian Pritz | 2 | -0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-19 | hide "Latest release" on client page if there is none | Florian Pritz | 2 | -2/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-19 | move inclusion of file_plaintext/client view to controller | Florian Pritz | 2 | -4/+3
This allows me to remove redundant variable definition from upload_form() since the same code is in client(). Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-19 | remove old upload snippets | Florian Pritz | 1 | -4/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-19 | make "contact me" on the main page optional | Florian Pritz | 3 | -2/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-19 | fix warning if data/client/latest doesn't exist | Florian Pritz | 1 | -1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-15 | rewrite scripts/mimetype to support ascii with color codes | Florian Pritz | 1 | -1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-15 | export sane $PATH | Florian Pritz | 1 | -0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>