keeweb/keeweb
1
0
Fork 0
mirror of https://github.com/keeweb/keeweb.git synced 2024-06-22 07:16:38 +02:00
Code Issues Releases Wiki Activity
1,665 Commits 7 Branches 128 Tags 48 MiB
88947f4e54
Commit Graph

875 Commits

Author SHA1 Message Date
antelle
9ee1080240 fixed white screen on startup 2017-12-03 01:04:04 +01:00
antelle
f8245fac62 up translations 2017-12-02 22:46:32 +01:00
antelle
f886cf6ee2 skip signature validation for configured plugins 2017-12-02 22:31:18 +01:00
antelle
27a0d811be plugin signature validation 2017-12-02 21:20:19 +01:00
antelle
2aadc27db8 asar packaging 2017-12-02 20:38:13 +01:00
antelle
fd11c3011e removed old texts 2017-12-02 16:45:16 +01:00
antelle
0f47430b8d fixed locking message texts 2017-12-02 16:31:29 +01:00
antelle
75ff0e4311 fixed official plugins display 2017-11-28 18:54:06 +01:00
antelle
f390b690a7 fix #353: WebDAV file creation 2017-11-27 22:11:00 +01:00
antelle
33519c7c60 fixed double OAuth errors 2017-11-27 19:00:39 +01:00
antelle
4ec08bf50e fix #648: auto-type on subdomains 2017-11-26 22:49:57 +01:00
antelle
62cdb32423 onedrive Graph API 2017-11-26 21:43:36 +01:00
antelle
08fbb9bf79 fix #750: prevent undo at login 2017-11-26 21:00:45 +01:00
antelle
42bea50907 fix #467: don't remove spaces in custom fields 2017-11-26 20:52:00 +01:00
antelle
78fed18d75 fix 509: clear clipboard on exit 2017-11-26 20:44:53 +01:00
antelle
51cd1eea9a removed duplicated parameter 2017-11-26 20:34:32 +01:00
antelle
8f8fa6faa1 list google drive files 2017-11-26 20:34:14 +01:00
antelle
db36cbaebb fix #686: disable click to open for canOpen=false 2017-11-26 19:21:16 +01:00
antelle
fb12ce3a6a fix #707: fix discard changes 2017-11-26 19:13:48 +01:00
antelle
b3cd56b9c4 fix #780: clear template group on deletion 2017-11-26 18:58:37 +01:00
antelle
7d13b49093 redesigned Dropbox chooser 2017-11-26 17:26:58 +01:00
antelle
32dcb31085 support more memory in argon2 2017-11-14 22:46:23 +01:00
antelle
9d3b904988 fixed license links 2017-11-13 22:48:38 +01:00
antelle
078af21a01 fix #777: replaced favicon service url 2017-11-13 22:35:46 +01:00
antelle
8eaa9c92fa fix #774: reset creation time for cloned entries 2017-11-06 18:59:59 +01:00
antelle
ae57a5a65e fix #768: password can be hidden as other fields 2017-11-04 09:53:26 +01:00
antelle
360d3ac6f6 fix #770: show usernames in in entry list 2017-11-04 09:38:56 +01:00
antelle
8d523f7e85 fixed typos 2017-10-15 16:29:56 +02:00
antelle
c3c60fd613 check params on xml import 2017-09-29 20:37:38 +02:00
antelle
49b999693c fixed error after importing bad xml 2017-09-29 20:35:35 +02:00
antelle
34f91ac3af fix #724: loading app config bug 2017-08-31 22:26:06 +02:00
antelle
954a38b8d8 Merge branch 'master' into develop 2017-08-31 21:30:20 +02:00
antelle
c1decbcd5a fix #653: auto-closing tab when starting from link 
(cherry picked from commit bcafbde)
 2017-08-31 19:12:00 +02:00
antelle
7961d2a660 fixed config link check 2017-08-31 19:08:39 +02:00
antelle
1ac61799fe prevent keeweb from working in iframe 2017-08-31 18:56:11 +02:00
antelle
624755029f check config location 2017-08-30 19:14:42 +02:00
sainaen
9ff47971c7 Add rel=noreferrer to links in the URL field 
When opened from the webapp, a malicious target page could trigger
navigation in the KeeWeb's tab using `window.opener`.

The proper way to fix this would be using `rel=noopener`, but
unfortunately even the latest versions of IE do not support it.
At the same time `rel=noreferrer`, for historical reasons, implies
`rel=noopener` when used with `target=blank` and is supported
by IE11 (in later versions of Windows 10) and Edge.

More details and examples of the attack
at [Mathias Bynens' website](https://mathiasbynens.github.io/rel-noopener/).
 2017-08-30 19:13:58 +02:00
antelle
b29615b5aa check config location 2017-08-30 18:52:54 +02:00
antelle
18a3a4450e Merge branch 'sainaen-imp-ext-links-sec' into develop 2017-07-24 23:20:46 +02:00
sainaen
7a99e42bde
Add rel=noreferrer to links in the URL field 
When opened from the webapp, a malicious target page could trigger
navigation in the KeeWeb's tab using `window.opener`.

The proper way to fix this would be using `rel=noopener`, but
unfortunately even the latest versions of IE do not support it.
At the same time `rel=noreferrer`, for historical reasons, implies
`rel=noopener` when used with `target=blank` and is supported
by IE11 (in later versions of Windows 10) and Edge.

More details and examples of the attack
at [Mathias Bynens' website](https://mathiasbynens.github.io/rel-noopener/).
 2017-07-24 23:50:42 +03:00
antelle
569c44f78c hide unsupported option 2017-06-12 21:07:09 +02:00
antelle
6163fa4ba8 fix #422: lock on mac lock 2017-06-12 21:02:16 +02:00
antelle
51d172c79a fixed auth popup message 2017-06-11 19:41:56 +02:00
antelle
bee819cc98 show dropbox list errors 2017-06-11 19:35:18 +02:00
antelle
849b9b06a9 preview pem files 2017-06-11 12:14:41 +02:00
antelle
087dd6cae0 eslint 2017-06-06 20:42:25 +02:00
antelle
31f5f2d88a plugin signature validation 2017-06-06 20:40:27 +02:00
antelle
c86042b885 local resource signature validation 2017-06-06 19:55:46 +02:00
antelle
f4d5e51983 override userData path for desktop 2017-06-05 13:33:12 +02:00
antelle
41656b76b6 save plugin gallery in desktop 2017-06-05 11:48:03 +02:00