mirror of
https://github.com/24eme/signaturepdf
synced 2024-05-21 15:16:37 +02:00
Pass the symmetric key through anchor in url
parent
80a0104a7c
commit
87000db098
12
app.php
12
app.php
|
@ -82,6 +82,7 @@ $f3->route('GET /signature',
|
|||
$f3->set('noSharingMode', true);
|
||||
}
|
||||
$f3->set('activeTab', 'sign');
|
||||
|
||||
echo View::instance()->render('signature.html.php');
|
||||
}
|
||||
);
|
||||
|
@ -241,11 +242,12 @@ $f3->route('POST /share',
|
|||
}
|
||||
if (!isset($_COOKIE[$hash])) {
|
||||
$symmetric_key = createSymmetricKey();
|
||||
setcookie($hash, $symmetric_key, ['expires' => 0, 'samesite' => 'Strict', 'path' => "/"]);
|
||||
$keyCookieDate = strtotime('+1 year');
|
||||
setcookie($hash, $symmetric_key, ['expires' => $keyCookieDate, 'samesite' => 'Strict', 'path' => "/"]);
|
||||
}
|
||||
$encryptor = new CryptographyClass($symmetric_key);
|
||||
$encryptor->encrypt($hash);
|
||||
$f3->reroute($f3->get('REVERSE_PROXY_URL').'/signature/'.$hash."#informations");
|
||||
$f3->reroute($f3->get('REVERSE_PROXY_URL').'/signature/'.$hash."#sk:".$symmetric_key);
|
||||
}
|
||||
|
||||
);
|
||||
|
@ -256,7 +258,11 @@ $f3->route('GET /signature/@hash/pdf',
|
|||
$hash = Web::instance()->slug($f3->get('PARAMS.hash'));
|
||||
$sharingFolder = $f3->get('PDF_STORAGE_PATH').$hash;
|
||||
|
||||
$cryptor = new CryptographyClass($_COOKIE[$hash]);
|
||||
if (substr($_COOKIE[$hash], 0, 4) !== '#sk:') {
|
||||
echo "Error: Invalid prefix.";
|
||||
exit;
|
||||
}
|
||||
$cryptor = new CryptographyClass(substr($_COOKIE[$hash], 4, 15));
|
||||
$cryptor->decrypt($hash);
|
||||
|
||||
$files = scandir($sharingFolder);
|
||||
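Review bot: In the `GET /signature/@hash/pdf` hunk the key is taken from `$_COOKIE[$hash]` with no `isset` check and, after the `#sk:` prefix test, is cut with `substr($_COOKIE[$hash], 4, 15)` and passed to `CryptographyClass` without any check of its length or character set. The cookie is client-controlled, so the value should be validated against the exact format `createSymmetricKey()` produces before use; the literal `15` also truncates the key silently if that function's output length ever changes. The rejection path does `echo "Error: Invalid prefix."; exit;`, which answers with the default 200 status, while the client code in this commit only stops on `response.status != 200`; `$f3->error(403);` would make the failure visible to the caller. The route handler begins before this hunk and continues past it.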
|
|
|
@ -411,6 +411,7 @@ var displaysSVG = function() {
|
|||
});
|
||||
};
|
||||
|
||||
|
||||
function dataURLtoBlob(dataurl) {
|
||||
let arr = dataurl.split(','), mime = arr[0].match(/:(.*?);/)[1],
|
||||
bstr = atob(arr[1]), n = bstr.length, u8arr = new Uint8Array(n);
|
||||
|
@ -944,7 +945,7 @@ var createEventsListener = function() {
|
|||
return true;
|
||||
});
|
||||
|
||||
if(hash) {
|
||||
if(pdfHash) {
|
||||
updateNbLayers();
|
||||
setInterval(function() {
|
||||
updateNbLayers();
|
||||
|
@ -1063,12 +1064,12 @@ var pageUpload = async function() {
|
|||
|
||||
var updateNbLayers = function() {
|
||||
const xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', '/signature/'+hash+'/nblayers', true);
|
||||
xhr.open('GET', '/signature/'+pdfHash+'/nblayers', true);
|
||||
xhr.onload = function() {
|
||||
if (xhr.status == 200) {
|
||||
let newNblayers = xhr.response;
|
||||
if(nblayers !== null && nblayers != newNblayers) {
|
||||
reloadPDF('/signature/'+hash+'/pdf');
|
||||
reloadPDF('/signature/'+pdfHash+'/pdf');
|
||||
}
|
||||
nblayers = newNblayers;
|
||||
document.querySelectorAll('.nblayers').forEach(function(item) {
|
||||
|
@ -1109,7 +1110,8 @@ var pageSignature = async function(url) {
|
|||
let pdfBlob = null;
|
||||
let filename = url.replace('/pdf/', '');
|
||||
|
||||
if(hash) {
|
||||
if(pdfHash) {
|
||||
storeSymmetricKeyCookie();
|
||||
let response = await fetch(url);
|
||||
if(response.status != 200) {
|
||||
return;
|
||||
|
@ -1141,8 +1143,8 @@ var pageSignature = async function(url) {
|
|||
if(sharingMode) {
|
||||
setTimeout(function() { runCron() }, 2000);
|
||||
}
|
||||
if(hash) {
|
||||
pageSignature('/signature/'+hash+'/pdf');
|
||||
if(pdfHash) {
|
||||
pageSignature('/signature/'+pdfHash+'/pdf');
|
||||
window.addEventListener('hashchange', function() {
|
||||
window.location.reload();
|
||||
})
|
||||
|
@ -1161,4 +1163,8 @@ var pageSignature = async function(url) {
|
|||
window.addEventListener('hashchange', function() {
|
||||
window.location.reload();
|
||||
})
|
||||
})();
|
||||
})();
|
||||
|
||||
function storeSymmetricKeyCookie() {
|
||||
document.cookie = pdfHash + "=" + window.location.hash + "; SameSite=Strict";
|
||||
}
|
||||
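Review bot: `storeSymmetricKeyCookie()` writes `window.location.hash` into `document.cookie` verbatim, so any fragment, not only `#sk:<key>`, becomes the cookie value, and a fragment containing `;` can append cookie attributes chosen by whoever wrote the link. The function should accept only the expected `#sk:` shape before storing it, and the cookie should carry `Secure` when the site is served over HTTPS, because it holds the decryption key. The key also remains in the address bar and browser history after it has been stored, which is worth documenting or limiting by clearing the fragment afterwards. The key alphabet in the sketch below is an assumption that must be aligned with `createSymmetricKey()`.

```javascript
function storeSymmetricKeyCookie() {
    // Key alphabet is assumed here; align the pattern with createSymmetricKey().
    const match = /^#sk:[A-Za-z0-9]+$/.exec(window.location.hash);
    if (!match) {
        return; // leave any existing key cookie untouched
    }
    // Encoded so the value cannot carry ';' or whitespace; PHP decodes $_COOKIE values.
    document.cookie = pdfHash + "=" + encodeURIComponent(match[0]) + "; SameSite=Strict";
}
```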
|
|
|
@ -262,10 +262,10 @@
|
|||
var maxSize = <?php echo $maxSize ?>;
|
||||
var maxPage = <?php echo $maxPage ?>;
|
||||
var sharingMode = <?php echo intval(!isset($noSharingMode)) ?>;
|
||||
var hash = null;
|
||||
var pdfHash = null;
|
||||
var direction = '<?php echo $DIRECTION_LANGUAGE ?>';
|
||||
<?php if(isset($hash)): ?>
|
||||
hash = "<?php echo $hash ?>";
|
||||
pdfHash = "<?php echo $hash ?>";
|
||||
<?php endif; ?>
|
||||
|
||||
var trad = <?php echo json_encode([
|
||||
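Review bot: `pdfHash = "<?php echo $hash ?>";` prints a PHP value straight into a JavaScript string literal in the page script, with no escaping for that context. Where `$hash` is set for this view is not visible in the hunk, so it cannot be confirmed that it is always a slugged identifier; encoding at the point of output removes that dependency, as the `trad` block just below already does with `json_encode`. Suggested form: `pdfHash = <?php echo json_encode($hash, JSON_HEX_TAG | JSON_HEX_AMP) ?>;`, and the same applies to the `direction` line.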
|
|