Arjen
654d03041b
Add expired explanation page ( #145 )
2021-12-20 13:05:14 -08:00
Omer Hamerman
40df900dc7
Allowing full host override ( #143 )
2021-07-29 10:39:47 -07:00
Jon Parise
feab2f69a5
Prepare the 1.5.0 release ( #127 )
2020-09-15 09:22:49 -07:00
Ron Klein
5c9d3bf3cf
properly parse NO_SSL env var ( #126 )
...
Bug fix:
The default for `NO_SSL` environment variable is `False`.
When the actual value, in runtime, is `True`, the code "ignores" it.
The reason: the code does not parse the given string. So it evaluates a non empty string as "True".
To resolve this, the suggested code parses the given string to a boolean value.
2020-09-14 08:57:13 -07:00
Jeremiah Lee
2af7037feb
Adds option for two-week timeout. ( #120 )
...
Also includes:
- Updated the versions in the requirements, as MarkupSafe did not install cleanly.
- Integration test that sets a password via the website, and then
verifies the timeout on the backend.
- Basic Makefile, updates to the docs to use the Makefile.
The requirements file was updated using pip freeze after I had updated the version of MarkupSafe. I don't know what the usual process is for this repo, so please let me know if I should use a different process there (that is why there are a few additions).
2020-05-08 11:43:54 -07:00
vin01
5747ee2d14
Add url prefix for reverse proxies ( #106 )
2019-08-09 14:07:49 -07:00
vin01
054c61ae89
Migrate to fakeredis from mockredispy ( #108 )
2019-08-09 08:37:03 -07:00
Nicholas Charriere
234f43b889
Bump version: 1.4.1 → 1.4.2
2019-06-05 08:18:28 -07:00
Nicholas Charriere
e0b996d3d3
Make current version correct
2019-06-02 12:36:43 -07:00
Nicholas Charriere
37f5d2b658
Set autocomplete=off on form to avoid back history; make textarea required
2019-06-01 09:34:58 -07:00
Lauri Lubi
1ac262e34e
Bots that prefetch should not destroy the secret ( #100 )
...
* Create preview view, remove sneaky-user-agents logic
* unit tests
* rename openSecret to viewSecret
* code clean-up and style
* rename view secret to reveal secret
* update authors list
* bump version to 1.5.0
2019-03-05 07:47:07 -08:00
Jon Parise
0bd2b4e8d9
Prepare the 1.4.1 release
...
- Update the changelog
- Include our Code of Conduct and Adopters documents
2018-10-31 15:50:49 -07:00
Brennen Smith
25e10ef8a1
Use local assets for fontawesome for isolated environments.
...
Currently FontAwesome uses Cloudflare to serve font assets, however all
of the other assets are delivered locally. This standardizes the assets
to use all local assets from `/static/`.
2018-07-05 16:43:14 -07:00
Nicholas Charriere
04ead0da32
Bump version: 1.3.0 → 1.4.0
2018-07-03 08:22:23 -07:00
Nicholas Charriere
386a378c5d
Add prefix to memcache
2018-07-01 10:19:56 -07:00
Nicholas Charriere
6fe4733baa
Merge pull request #81 from pinterest/bumpversion-1.3.0
...
Bump version to 1.3.0
2018-05-07 09:45:54 -07:00
Nicholas Charriere
e45feb1cfd
Bump version to 1.3.0
2018-05-07 09:23:51 -07:00
Nicholas Charriere
173f33f66e
Merge pull request #79 from pinterest/mock-redis
...
Mock redis
2018-05-07 09:13:00 -07:00
Nicholas Charriere
13f294cae5
Use werkzeug quote/unquote functions instead of urllib
2018-05-07 08:21:07 -07:00
Nicholas Charriere
9e7ca474cd
py2 and py3 support
2018-05-06 15:07:01 -07:00
Nicholas Charriere
5a0beb1a75
Quote url to fix equal sign breaking outlook clients
2018-05-06 14:57:00 -07:00
Nicholas Charriere
331d421e10
Mock redis in tests using mockredis
2018-05-06 14:29:48 -07:00
Nicholas Charriere
4cf28fb4cc
Bump version: 1.1.1 → 1.2.0
2017-05-25 14:08:04 -07:00
Nicholas Charriere
9e5507e9f5
Bump version: 1.1.0 → 1.1.1
2017-05-25 14:07:56 -07:00
Nicholas Charriere
2b4a6a4b50
Merge pull request #65 from samueldg/feature/secure_password_storage
...
Feature/secure password storage
2017-05-16 10:08:17 -07:00
Samuel Dion-Girardeau
734336ef67
Fix alphabetical order in main.py
2017-05-15 21:07:28 -04:00
Guewen Baconnier
7b5f804551
Add Iframely in sneaky user-agents
...
This "embeds as a service" is used by many apps/websites. Discovered
when my pass got eaten by the HipChat preview.
2017-05-12 08:27:52 +02:00
Samuel Dion-Girardeau
dc6054f09c
Encrypt passwords stored in Redis
...
Using symmetric encryption in the `cryptography`'s `Fernet` class,
we can ensure that no one can snoop the passwords simply by having access
to the Redis store.
An encryption key is sent to the secret receiver, along with the 32 character
Redis key that identifies the secret, which is needed to decrypt the password.
2017-05-11 21:28:22 -04:00
Nicholas Charriere
e7da786016
Bump version fixing bumpversion workflow, minor
2017-04-28 09:47:46 -07:00
Nicholas Charriere
47d94630db
Version should be a string
2017-04-22 22:33:08 -07:00
Nicholas Charriere
ee9e996fa1
All Caps for constant vars
2017-04-22 22:29:25 -07:00
Nicholas Charriere
0edacbe037
Prepare for v1.0.0 release
2017-04-22 22:26:20 -07:00
Nicholas Charriere
e7f8a40065
Merge pull request #50 from jameswthorne/no-zero-length
...
Don't allow zero length form submissions
2017-03-04 10:52:09 -08:00
Nicholas Charriere
86ecb49f94
Merge pull request #52 from jameswthorne/more-ui-tweaks
...
Move brief documentation to textarea
2017-03-04 10:50:55 -08:00
Carlos Moreno
93f6c6c06f
Adding skype to SNEAKY_USER_AGENTS
2017-02-17 21:37:46 -06:00
James W Thorne
ef0cdf8e14
Forgot empty function
2017-01-17 18:17:24 -06:00
James W Thorne
21115979c4
Combine checks
2017-01-17 17:44:47 -06:00
James W Thorne
3270e84fed
Move brief documentation to textarea
2017-01-12 19:37:51 -06:00
James W Thorne
d9973c3f29
Don't allow zero length form submissions
2017-01-11 21:42:35 -06:00
Nicholas Charriere
f776c7aa28
Merge pull request #46 from frontfoot/404_to_bots
...
Return 404 to UserAgents matching /bot/
2017-01-10 19:47:16 -08:00
Joseph Boiteau
58f4658154
Fix code according to @jparise comments
...
- Refactor is_valid_request code
- Add "Facebot/1.0" User-Agent string
2017-01-11 13:50:42 +11:00
Joseph Boiteau
1651ac4bd5
Return 404 to UserAgents matching list
...
Empty User-Agent should not break
Add test for 404 response to /bot/
Wrap User-Agent check in `request_is_valid` method
2017-01-11 09:48:54 +11:00
Joseph Boiteau
6cdf6f495b
Change wording ‘password’ to ‘secret’
2017-01-05 11:06:42 +11:00
Joseph Boiteau
d330f94967
Change password input for textarea
2017-01-05 11:01:16 +11:00
Nicholas Charriere
ad4012dfbe
Merge pull request #47 from frontfoot/production_environment
...
Run in production mode by default
2017-01-03 11:55:42 -08:00
Joseph Boiteau
d61c08c7c7
Run in production mode by default
...
Use DEBUG environment variable to run debug mode
2017-01-03 13:36:52 +11:00
James W Thorne
f8f672f934
Added back autocomplete=off
2016-11-11 16:39:08 -06:00
James W Thorne
6b88315603
Grammar changes
2016-11-06 09:12:21 -06:00
James W Thorne
3bb3a4949d
Removed npm.js and reverted to original copy
2016-11-06 09:05:05 -06:00
James W Thorne
483448051e
UI improvements
...
* Cleaned up UI
* Updated Twitter Bootstrap to v3.3.7
* Updated jquery to 1.12.4
* Added mobile view port
2016-11-02 21:31:50 -05:00