Privacy: Specify that a cookie is used to indicate if the user has cl…

…icked through the warning page.
espebra · Dec 14, 2024 · dde1276 · dde1276
1 parent 8d9a85f
commit dde1276
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/http_index.go b/http_index.go
@@ -78,11 +78,17 @@ func (h *HTTP) privacy(w http.ResponseWriter, r *http.Request) {
 
 	type Data struct {
 		ds.Common
+		CookiesInUse bool
 		Bin ds.Bin `json:"bin"`
 	}
+
 	var data Data
 	data.Page = "privacy"
 
+	if h.config.RequireCookie == true {
+		data.CookiesInUse = true
+	}
+
 	if err := h.templates.ExecuteTemplate(w, "privacy", data); err != nil {
 		fmt.Printf("Failed to execute template: %s\n", err.Error())
 		http.Error(w, "Errno 302", http.StatusInternalServerError)

diff --git a/templates/privacy.html b/templates/privacy.html
@@ -24,6 +24,10 @@ <h1>Privacy</h1>
                 <p>Meta data about transactions, including the IP address of clients uploading and downloading files, is logged for abuse handling purposes and may be shared with third parties in this context.</p>
 
                 <p>This service is using <a href="https://en.wikipedia.org/wiki/HTTPS">HTTPS</a> to secure <a href="https://en.wikipedia.org/wiki/Data_in_transit">data in transit</a>. This mechanism provide data protection from a limited set of scenarios such as man-in-the-middle attacks. The content is, however, not encrypted on the server side. It is recommended that the client encrypts the content prior to uploading it.</p>
+
+		{{ if .CookiesInUse }}
+		<p>A cookie named <code>verified</code> is stored in the client's browser to signal to Filebin if the user has acknowledged the risk involved in downloading files from this service.</p>
+		{{ end }}
             </div>
         </div>