Merge branch 'master' into develop

# Conflicts:
#	release-notes.md
This commit is contained in:
antelle 2020-12-30 13:01:12 +01:00
commit fb56ba2f0d
No known key found for this signature in database
GPG Key ID: 63C9777AAB7C563C
9 changed files with 51 additions and 34 deletions

View File

@ -83,7 +83,8 @@ Object.defineProperty(SecureInput.prototype, 'value', {
let ch;
let bytes;
for (let i = 0; i < len; i++) {
ch = String.fromCharCode(pseudoValue.charCodeAt(i) ^ salt[i]);
const pseudoCharCode = pseudoValue.charCodeAt(i);
ch = String.fromCharCode(salt[i] ^ pseudoCharCode);
bytes = kdbxweb.ByteUtils.stringToBytes(ch);
for (let j = 0; j < bytes.length; j++) {
valueBytes[byteLength] = bytes[j] ^ saltBytes[byteLength];

View File

@ -353,15 +353,26 @@
"setGenDownloadAndRestart": "Télécharger la mise à jour et redémarrer",
"setGenAppearance": "Apparence",
"setGenTheme": "Thème",
"setGenThemeDefault": "Défaut",
"setGenThemeDark": "Sombre",
"setGenThemeLight": "Clair",
"setGenThemeFb": "Bleu plat",
"setGenThemeBlue": "Bleu",
"setGenThemeFb": "Bleu foncé",
"setGenThemeBl": "Bleu clair",
"setGenThemeBrown": "Brownie",
"setGenThemeDb": "Marron foncé",
"setGenThemeLb": "Brun clair",
"setGenThemeTerminal": "Terminal",
"setGenThemeTe": "Terminal",
"setGenThemeLt": "Terminal clair",
"setGenThemeHighContrast": "Contraste élevé",
"setGenThemeHc": "Contraste élevé",
"setGenThemeDc": "Contraste foncé",
"setGenThemeSol": "Solarisé",
"setGenThemeSd": "Solarized dark",
"setGenThemeSl": "Solarized light",
"setGenMoreThemes": "Plus de thèmes",
"setGenAutoSwitchTheme": "Basculer automatiquement entre les thèmes clairs et foncés lorsque possible",
"setGenLocale": "Langue",
"setGenLocOther": "d'autres langues sont disponibles en tant que modules",
"setGenFontSize": "Taille de police",
@ -570,7 +581,7 @@
"setAboutTitle": "À propos",
"setAboutBuilt": "Cette appli est construite avec ces outils géniaux",
"setAboutLic": "Licence",
"setAboutLicComment": "Cette application et tous les composants qu'elle contient qui ne sont pas dans le domaine public sont sous licence MIT",
"setAboutLicComment": "Cette application et tous les composants qu'elle contient qui ne sont pas dans le domaine public sont sous licence MIT, sauf si autrement spécifié",
"setAboutFirst": "Ceci est une application open-source créée par {}",
"setAboutSecond": " et sous licence {}.",
"setAboutSource": "Le code source et les problèmes sont sur {}.",

View File

@ -336,10 +336,10 @@ class EntryModel extends Model {
}
sanitizeFieldValue(val) {
if (val && !val.isProtected && val.indexOf('\x1A') >= 0) {
if (val && !val.isProtected) {
// https://github.com/keeweb/keeweb/issues/910
// eslint-disable-next-line no-control-regex
val = val.replace(/[\x00-\x1F]/g, '');
val = val.replace(/[\x00-\x1F\uFFF0-\uFFFF]/g, '');
}
return val;
}

View File

@ -260,12 +260,7 @@ class StorageWebDav extends StorageBase {
if (opts.password) {
const fileId = file.uuid;
const password = opts.password;
let encpass = '';
for (let i = 0; i < password.length; i++) {
encpass += String.fromCharCode(
password.charCodeAt(i) ^ fileId.charCodeAt(i % fileId.length)
);
}
const encpass = this._xorString(password, fileId);
result.encpass = btoa(encpass);
}
return result;
@ -276,13 +271,19 @@ class StorageWebDav extends StorageBase {
if (opts.encpass) {
const fileId = file.uuid;
const encpass = atob(opts.encpass);
let password = '';
for (let i = 0; i < encpass.length; i++) {
password += String.fromCharCode(
encpass.charCodeAt(i) ^ fileId.charCodeAt(i % fileId.length)
);
}
result.password = password;
result.password = this._xorString(encpass, fileId);
}
return result;
}
_xorString(str, another) {
let result = '';
for (let i = 0; i < str.length; i++) {
const strCharCode = str.charCodeAt(i);
const anotherIx = i % another.length;
const anotherCharCode = another.charCodeAt(anotherIx);
const resultCharCode = strCharCode ^ anotherCharCode;
result += String.fromCharCode(resultCharCode);
}
return result;
}

View File

@ -1,6 +1,6 @@
{
"name": "KeeWeb",
"version": "1.16.5",
"version": "1.16.6",
"lockfileVersion": 1,
"requires": true,
"dependencies": {

View File

@ -1,6 +1,6 @@
{
"name": "KeeWeb",
"version": "1.16.5",
"version": "1.16.6",
"description": "Free cross-platform password manager compatible with KeePass",
"main": "main.js",
"homepage": "https://keeweb.info",

20
package-lock.json generated
View File

@ -1,6 +1,6 @@
{
"name": "keeweb",
"version": "1.16.5",
"version": "1.16.6",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
@ -5188,9 +5188,9 @@
"integrity": "sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w=="
},
"dompurify": {
"version": "2.2.2",
"resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.2.tgz",
"integrity": "sha512-BsGR4nDLaC5CNBnyT5I+d5pOeaoWvgVeg6Gq/aqmKYWMPR07131u60I80BvExLAJ0FQEIBQ1BTicw+C5+jOyrg=="
"version": "2.2.6",
"resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.6.tgz",
"integrity": "sha512-7b7ZArhhH0SP6W2R9cqK6RjaU82FZ2UPM7RO8qN1b1wyvC/NY1FNWcX1Pu00fFOAnzEORtwXe4bPaClg6pUybQ=="
},
"domutils": {
"version": "1.7.0",
@ -9783,9 +9783,9 @@
}
},
"kdbxweb": {
"version": "1.13.0",
"resolved": "https://registry.npmjs.org/kdbxweb/-/kdbxweb-1.13.0.tgz",
"integrity": "sha512-WDTZH63zYP4zdS/kCigyIeX0kEboRgR7wuToaLBHVchTKeNOisi3d2rdpJRQaCzcAAzoqOR8nZon2wpW8DH1+w==",
"version": "1.14.0",
"resolved": "https://registry.npmjs.org/kdbxweb/-/kdbxweb-1.14.0.tgz",
"integrity": "sha512-Hg+PBdur4Mp/pmKuj1vZfYB4uCONdNlJI8H65VO5beK/EexRwuJQBSxW8mIbHHrLP701Q2KDlc7GLeSrs3dRMA==",
"requires": {
"pako": "github:keeweb/pako#653c0b00d8941c89d09ed4546d2179001ec44efc",
"text-encoding": "github:keeweb/text-encoding#4dfb7cb0954c222852092f8b06ae4f6b4f60bfbb",
@ -10484,9 +10484,9 @@
}
},
"marked": {
"version": "1.2.5",
"resolved": "https://registry.npmjs.org/marked/-/marked-1.2.5.tgz",
"integrity": "sha512-2AlqgYnVPOc9WDyWu7S5DJaEZsfk6dNh/neatQ3IHUW4QLutM/VPSH9lG7bif+XjFWc9K9XR3QvR+fXuECmfdA=="
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/marked/-/marked-1.2.7.tgz",
"integrity": "sha512-No11hFYcXr/zkBvL6qFmAp1z6BKY3zqLMHny/JN/ey+al7qwCM2+CMBL9BOgqMxZU36fz4cCWfn2poWIf7QRXA=="
},
"matcher": {
"version": "3.0.0",

View File

@ -1,6 +1,6 @@
{
"name": "keeweb",
"version": "1.16.5",
"version": "1.16.6",
"description": "Free cross-platform password manager compatible with KeePass",
"main": "Gruntfile.js",
"private": true,
@ -30,7 +30,7 @@
"chai": "^4.2.0",
"cross-env": "^7.0.2",
"css-loader": "^5.0.1",
"dompurify": "^2.2.2",
"dompurify": "^2.2.6",
"electron": "^11.0.3",
"electron-builder": "^22.9.1",
"electron-notarize": "^1.0.0",
@ -67,10 +67,10 @@
"jquery": "3.5.1",
"json-loader": "^0.5.7",
"jsqrcode": "github:antelle/jsqrcode#0.1.3",
"kdbxweb": "^1.13.0",
"kdbxweb": "^1.14.0",
"load-grunt-tasks": "5.1.0",
"lodash": "^4.17.20",
"marked": "^1.2.5",
"marked": "^1.2.7",
"mini-css-extract-plugin": "^1.3.1",
"mocha": "^8.2.1",
"morphdom": "^2.6.1",

View File

@ -8,6 +8,10 @@ Release notes
`+` favicon download improvements
`+` auto-type field selection dropdown improvements
##### v1.16.6 (2020-12-30)
`-` fix #1668: opening files with bad characters
`*` upgraded a vulnerable dependency
##### v1.16.5 (2020-12-18)
`-` using custom OneDrive without a secret
`+` GitHub funding link