diff --git a/docs/plugins/haveibeenpwned/index.html b/docs/plugins/haveibeenpwned/index.html index 3f75e6c..65d55c1 100644 --- a/docs/plugins/haveibeenpwned/index.html +++ b/docs/plugins/haveibeenpwned/index.html @@ -14,7 +14,11 @@

KeeWeb Plugin: HaveIBeenPwned

https://plugins.keeweb.info/plugins/haveibeenpwned -

This plugin checks the HaveIBeenPwned site each time you enter either a user name or a password to look if they have been pawned in a breach. The password is safely checked (not sent over the network).

+

This plugin checks the HaveIBeenPwned site each time you enter a password to look if it has been pawned in a breach.
+Note: Passwords is safely checked (only a hash is sent over the network).

+

Since the V3 version of the HaveIBeenPwned API (mid 2019), checking user names is not free anymore +(3.5$/month, see API V3 Key)...
+So user name checking has been disabled in the latest version of this plugin.

Freely inspired from the equivalent keepass plugin

diff --git a/docs/plugins/haveibeenpwned/manifest.json b/docs/plugins/haveibeenpwned/manifest.json index 0e050c7..3518c0a 100644 --- a/docs/plugins/haveibeenpwned/manifest.json +++ b/docs/plugins/haveibeenpwned/manifest.json @@ -1,5 +1,5 @@ { - "version": "0.1.2", + "version": "0.1.7", "manifestVersion": "0.1.0", "name": "haveibeenpwned", "description": "Check HaveIBeenPwned password database", @@ -9,10 +9,10 @@ "url": "https://github.com/leolivier" }, "resources": { - "js": "EEBWgG1bDfxgoVs3oe5QE9tefQs5PUvjx/52pL3K1vFSop7eRVCQk7RO0QoiMmWccvwQc3xEdgJNXNtFc8FsAhvoypTASyBcdpW39XRQyNEnNMywmlWoxEzZ+4i6upmijZ/1k/aoZTRu0n9rJGovSY69UU2EWHMTfwDVE0+/NV38iQll7u9jJU4HS2kVFaJOgf6KVAulZYjDDH15rJEPBQOm9OWcZlShijcS7RzSFYwy90tebFGiWMhOsjASYsj4HiyyMMoD59h8ERMBiClEjmf4PcMYWAEydwugqbQugKE+aV675Os47H5XH7fPEag7i1S0XF3Sif9e+QiZoATPBg==", - "css": "POSiE6zEtm9jwglrZFddoO9Z6H2xv7/wo+4joOaOx28d0J3vPqWFHcuNAhfwOTmRLgM5wBEa86LrBbu+1vU1zqF9fUXXKLLFpd80xtvqy+Rwr/JanXIB8j9AU5/+QbNUC+6u5z7usdn/vMKLHSDcHSI/OwXCCdIpgIsjGQw7IaSxRv6fYRf2p8MqUsU4bL7RIPWBc7qiyvK2I7QGpkwe2nu87laX7cNOYPMI2hTJJruErGIfFVmxLUhfHdDIbU3f4hDyreVIGQT3UtkQSkpKc6pYIWsihs+OnjLrMiHQCjekBxP53aButrWSMFDt1koC7bzdtIJX4u8tsM0G2d/1XQ==" + "js": "eyKqyfSby3DX7+u0qmF45JCzxZOhrY7y//LC6Mlz8vdaGPQrGvAS3vAPK99/qLZK9GF327NyCU2Zs/sGLFNxw4/gUpPtLj7t4/wH7ctQcE8H9S1LtlGwWhrGYBN7PpXe5rtlcfOR6ttpag8xCMQT87cc6sw0TiUoAb6110ANpi3LbloJWs3flCuxwtbKEO7IVPS99GvEMgeUPe1ZyVbNnnO83FzuNjILlsrkEmctJDGZLLbOZIVO24VsD4HtnmQcsDKbRcCwoCO3dEGRvmcgi7Hpsz8D3zzsqMnN+6xAsiD10rLqubRjfm/IkWbu2xm8Ax7+YDzFuN0cXKN6eqFjcw==", + "css": "F8hkZOvzoYhHhACwsSct+CJofHL/FVQ0mO5VcRByQpnGjYqkNh9qCrsLfm7I8DA1dcvv1R4P+44YnrTeAJ/S3bgDCq2PlJ+rg/0L0EeIVLOfqedMQU7VCFIRoM5Zz51sKzakjCEs7iNpddEtI0vz7fDeV6PXo4UPMS9vzNu00Ja8Bx5HDzfuvlgQppT46LKZEqyvTtl//24hOwTmuhpRbEseBqEpfrC9aSj0UsB9IhvDirycH99ZYZ+PBvMnPUM1N8iexsab9dN3TaS/8uc3rVq6n8KQ/dGmb6aGq4q4WtOm23hN82LVS6Zpf1Vfl7x6ULRHGUxDbMbdWJ490vcpSA==" }, "url": "https://plugins.keeweb.info/plugins/haveibeenpwned", "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oZB2Kt7AzRFNqf8FuO3C3kepHPAIQYiDPYdQxHcsiaFCwyKVx6K1cE/3vBhb8/2rj+QIIWNfAAuu1Y+2VK90ZBeq6HciukWzQRO/HWhfdy0c7JwDAslmyGI5olj0ZQkNLhkde1MiMxjDPpRhZtdJaryVO5cFJaJESpv3dV6m0qXsaQCluWYOSNfSjP9C8o2zRVjSi3ZQZnZIV5pnk9K2MtlZIPXrN9iJiM5zZ9DTSnqApI6dC9mX4R3LvGN+GTovm9C8Crl+qb106nGRR3LcweicDnPyMtZLa/E0DBpWYxUVLDp6WeLhxoUBr+6+t3Xp9IDnPoANDQXJXD0f1vQxQIDAQAB", "license": "MIT" -} +} \ No newline at end of file diff --git a/docs/plugins/haveibeenpwned/plugin.css b/docs/plugins/haveibeenpwned/plugin.css index 33f8cf3..2d49c90 100644 --- a/docs/plugins/haveibeenpwned/plugin.css +++ b/docs/plugins/haveibeenpwned/plugin.css @@ -4,7 +4,7 @@ text-align: center; background-color: var(--text-color); background-size:cover; - position: relative;; + position: relative; width:1.5em; height:1.5em; animation: hibp-spin 1s linear 0s infinite; diff --git a/docs/plugins/haveibeenpwned/plugin.js b/docs/plugins/haveibeenpwned/plugin.js index 0dcd7b9..ab667c0 100644 --- a/docs/plugins/haveibeenpwned/plugin.js +++ b/docs/plugins/haveibeenpwned/plugin.js @@ -67,9 +67,9 @@ class HIBPUtils { }); xhr.open(config.method || 'GET', config.url); if (config.headers) { - config.headers.forEach((value, key) => { - xhr.setRequestHeader(key, value); - }); + for (const key in config.headers) { + xhr.setRequestHeader(key, config.headers[key]); + }; }; xhr.send(config.data); }; @@ -135,7 +135,7 @@ DetailsView.prototype.checkNamePwned = function (name) { url: url, method: 'GET', responseType: 'json', - headers: undefined, + headers: {'Access-Control-Allow-Origin': '*'}, data: null, statuses: [200, 404], success: (data, xhr) => { @@ -158,7 +158,7 @@ DetailsView.prototype.checkPwdPwned = function (passwordHash) { url: `https://api.pwnedpasswords.com/range/${prefix}`, method: 'GET', responseType: 'text', - headers: undefined, + headers: {'Access-Control-Allow-Origin': '*'}, data: null, statuses: [200, 404], success: data => { @@ -204,23 +204,27 @@ module.exports.getSettings = function () { label: 'Check passwords against HaveIBeenPwned list', type: 'checkbox', value: hibp.checkPwnedPwd - }, { - name: 'checkPwnedName', - label: 'Check user ids against HaveIBeenPwned list', - type: 'checkbox', - value: hibp.checkPwnedName + // disabled since API V3 of HaveIbeenPwned is not free anymore for checking accounts + // }, { + // name: 'checkPwnedName', + // label: 'Check user ids against HaveIBeenPwned list', + // type: 'checkbox', + // value: hibp.checkPwnedName }, { name: 'blockPwnedPwd', label: 'Block pwned passwords if they are in HaveIBeenPwned list', type: 'checkbox', value: hibp.blockPwnedPwd - }, { - name: 'blockPwnedName', - label: 'Block pwned names if they are in HaveIBeenPwned list', - type: 'checkbox', - value: hibp.blockPwnedName + // }, { + // name: 'blockPwnedName', + // label: 'Block pwned names if they are in HaveIBeenPwned list', + // type: 'checkbox', + // value: hibp.blockPwnedName }]; }; +// disabled since API V3 of HaveIbeenPwned is not free anymore for checking accounts +hibp.checkPwnedName = false; +hibp.blockPwnedName = false; module.exports.setSettings = function (changes) { for (const field in changes) {