Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Branch: master
Commits on Feb 6, 2014
  1. Merge pull request #75 from cese/master

    authored
    Fix security issue (arbitrary file unlink)
  2. Time attack protection on hmac comparison

    authored
    This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus
    (with commit a24212a) also issue 2.8.
  3. Stronger server salt

    authored
    ZeroBin now generates a much stronger salt. This fixes issue #68
    (mentioned in section 2.1 of https://defuse.ca/audits/zerobin.htm)
Commits on Feb 4, 2014
  1. @cese

    Fix security issue

    cese authored
Commits on Feb 3, 2014
  1. Merge pull request #61 from jelhan/master

    authored
    File lock for write on /data/traffic_limiter.php
Commits on Jan 20, 2014
  1. Potentiel security bug corrected

    authored
    Bug reproduction: 1) paste texte containing html/javascript. 2) send 3)
    clic "Raw text"  4) refresh: The html/javascript is interpreted instead
    of just displayed.
    Under some versions of Chrome, it happens without refreshing.
    This bug was corrected.
Commits on Sep 28, 2013
Commits on Sep 3, 2013
  1. Update index.php

    authored
    Removed ugly error message when paste identifier is invalid (eg. http://mydomain.com/zerobin?foo)
Commits on Jul 4, 2013
  1. XSS flaw correction

    authored
    With a client IE < 10 there was a XSS security flaw. Other browsers were
    not affected.
    Also corrected spacing display with IE<10.
Commits on Mar 23, 2013
  1. Merge pull request #39 from ic0nic/master

    authored
    Incorrect structure
Commits on Mar 21, 2013
  1. @ic0nic

    Incorrect structure

    ic0nic authored
    The structure for robots.txt is incorrect for some/most search engines.
Commits on Mar 17, 2013
  1. Merge pull request #38 from kolobus/master

    authored
    Ignore .htaccess and .htpasswd for safety
Commits on Mar 14, 2013
  1. @kolobus
Commits on Feb 24, 2013
  1. Make sure there is enough entropy.

    authored
    This patch will improve key randomness by requiring the user to move the
    mouse if there is not enough entropy.
  2. ZeroBin 0.18

    authored
  3. replaceState() changed to pushState()

    authored
    so that the "Back" button works after clicking on "Raw text".
  4. Added "Raw text" button.

    authored
  5. Small typo correction.

    authored
  6. Removed dead code.

    authored
  7. "Burn after reading" as a checkbox

    authored
    "Burn after reading" option has been moved out of Expiration combo to a
    separate checkbox.
    Reason is: You can prevent a read-once paste to be available ad vitam
    eternam on the net.
Commits on Feb 23, 2013
  1. base64.js downgraded from 2.6 to 1.7

    authored
    because otherwise it would have broken compatibility with data files.
  2. Added version to js/css assets URLs.

    authored
    (in order to prevent some abusive caches to serve an obsolete version of
    these files when ZeroBin is upgraded.)
  3. Removed unused icon.

    authored
  4. Updated json checking.

    authored
    - adapted to SJCL changed
    - added entropy checking (from
    vikstrous@f2ee2e8)
  5. Allow discovery

    authored
    Patch from
    ic0nic@50d4fb9
  6. Corrected dates in discussion

    authored
    Date in discussion has been changed to display local date.
  7. Syntax coloring

    authored
    Added simple syntax coloring using highlight.js.
    * Lightweight.
    * Automatic detection of language.
  8. Lib upgrade

    authored
    (to fix my stupid revert).
    * jQuery upgraded to 1.9.1
    * sjcl upgraded to GitHub master 2013-02-23
  9. Auto-select paste URL

    authored
    When creating a paste, we auto-select the resulting URL so that the user
    only has to press CTRL+C to copy the link.
    So you basically click "SEND" then press CTRL+C.
Commits on Feb 22, 2013
Something went wrong with that request. Please try again.