When going to the url created by the instance (eg https://privatebin.net/?2434aeba56102b5d#oItJ0dchxiUuIbkw/BQWUN9XO+cm/RBVxrYZpIKPjws= ) a password is asked (Please enter the password for this paste:)
We should see the code pasted
No idea where it come from, it's why I create a gist (see above ↑)
Server address: https://privatebin.net/ but reproductible on ~all public server
PrivateBin version: 1.2.1
I can reproduce this issue on https://privatebin.net: Yes
And also, if a password is set, this won't work properly (The password is not correct).
I assume you paste always the same text to reproduce this. It is likely the same issue as #193 & #260: In some rare cases the rawdeflate library isn't able to correctly decompress it's own input. When this happens, the decryption fails and PB asks for a password, as that is the usual reason why the decryption fails. There isn't actually a property that marks pastes as requiring a password.
If this is indeed the problem, it will be solved be the adoption of a bug-free compression library in the next release. We didn't previously switch to a new library since the same bug also makes it impossible to decompress many PB pastes with standard compliant decompression libraries. By making this change explicit in the paste format, we can offer backwards compatibility. But it requires the design of a new format.
@Arregi thanks for adding this test :-)
@elrido Yes, it should be the same text, thank you.
Is it planned to somehow fix that (with the adoption of a bug-free compression library) in the 1.3.x release, or in a next major release (2.x)?
This is part of the 1.3 release track:
https://github.com/PrivateBin/PrivateBin/projects/3
So far I wouldn't consider this a 2.x release, because all changes planned for 1.3 are invisible from a UI perspective (same as for 1.2, which was the big JS refactoring). Same features, just implemented differently.
So closing as a dupe of https://github.com/PrivateBin/PrivateBin/issues/260 (and others).
Most helpful comment
This is part of the 1.3 release track:
https://github.com/PrivateBin/PrivateBin/projects/3
So far I wouldn't consider this a 2.x release, because all changes planned for 1.3 are invisible from a UI perspective (same as for 1.2, which was the big JS refactoring). Same features, just implemented differently.