search

Haocen / PrivateBin-Contribute

A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
https://privatebin.info/
Other
0 stars 0 forks source link

Attachemnt cannot be downloaded/previewed properly if over 10MB #1

Open Haocen opened 5 years ago

Haocen commented 5 years ago

Steps to reproduce

  1. Change nginx.conf and php.ini to accept post body of over 10MB
  2. Upload a file of 10MB to a paste
  3. Load and decrypt the paste

What happens

the file cannot be downloaded or previewed(if supported), may due to content security policy?

What should happen

the file should be able to be downloaded or previewed

Additional information

Basic information

Server address: N/A

Server OS: docker nginx-fpm-alpine

Webserver: N/A

Browser: Chrome Version 76.0.3809.100 (Official Build) (64-bit)

PrivateBin version: 1.2.1 I can reproduce this issue on https://privatebin.net: No, because file upload is not enabled.

Haocen commented 5 years ago

Confirmed video(mov) will not preview because CSP. File will not download because data url too long, may need to introduce third party library.

Need following pieces to be implemented before considered usable:

progressive encryption resumable upload resumable download burn after read support big file? Investigate how mega did their in browser file transfer and encrypt/decrypt.