simono41/snappass
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
304 commits 1 branch 13 tags 1.4 MiB
Commit graph

85 commits

Author SHA1 Message Date
Yuru Shao
455db36189
Add health check endpoint (#329) 
* Add health check endpoint

* Add assertion on  status
 2024-02-02 16:14:51 -08:00
vin01
ae2747311a
Use urllib.parse for quoting/unquoting plus instead of deprecated werkzeug.urls (#300) 
Use urllib.parse for quoting/unquoting plus

werkzeug.urls.url_quote_plus and werkzeug.urls.url_unquote_plus were deprecated and are removed in 3.0.0 and newer versions.
 2023-12-01 17:54:51 -08:00
Yuru Shao
f13bc17d92
Upgrade jquery from 1.12.4 to 3.6.0 (#183) 2022-06-28 11:59:52 -07:00
Christian
9e33a8f7c1
Bump to Version 1.5.1 (#148) 2022-05-11 14:43:23 -07:00
Christian
3fbc018ff8
Adding json-output for api-like functionality (#147) 
* adding json-template for api-like functionality

* removing content-block

* adding test

* changing to flask.jsonify

* deleting template

* change from POST-param to Accept-Header
 2022-04-11 12:37:19 -07:00
Jon Parise
4b1ee0cec1 Small wording tweaks to the expiration text 2021-12-20 13:05:51 -08:00
Arjen
654d03041b
Add expired explanation page (#145) 2021-12-20 13:05:14 -08:00
Omer Hamerman
40df900dc7
Allowing full host override (#143) 2021-07-29 10:39:47 -07:00
Jon Parise
feab2f69a5
Prepare the 1.5.0 release (#127) 2020-09-15 09:22:49 -07:00
Ron Klein
5c9d3bf3cf
properly parse NO_SSL env var (#126) 
Bug fix:
The default for `NO_SSL` environment variable is `False`.
When the actual value, in runtime, is `True`, the code "ignores" it.
The reason: the code does not parse the given string. So it evaluates a non empty string as "True".
To resolve this, the suggested code parses the given string to a boolean value.
 2020-09-14 08:57:13 -07:00
Jeremiah Lee
2af7037feb
Adds option for two-week timeout. (#120) 
Also includes:

- Updated the versions in the requirements, as MarkupSafe did not install cleanly.
- Integration test that sets a password via the website, and then
verifies the timeout on the backend.
- Basic Makefile, updates to the docs to use the Makefile.

The requirements file was updated using pip freeze after I had updated the version of MarkupSafe. I don't know what the usual process is for this repo, so please let me know if I should use a different process there (that is why there are a few additions).
 2020-05-08 11:43:54 -07:00
vin01
5747ee2d14 Add url prefix for reverse proxies (#106) 2019-08-09 14:07:49 -07:00
vin01
054c61ae89 Migrate to fakeredis from mockredispy (#108) 2019-08-09 08:37:03 -07:00
Nicholas Charriere
234f43b889 Bump version: 1.4.1 → 1.4.2 2019-06-05 08:18:28 -07:00
Nicholas Charriere
e0b996d3d3 Make current version correct 2019-06-02 12:36:43 -07:00
Nicholas Charriere
37f5d2b658 Set autocomplete=off on form to avoid back history; make textarea required 2019-06-01 09:34:58 -07:00
Lauri Lubi
1ac262e34e Bots that prefetch should not destroy the secret (#100) 
* Create preview view, remove sneaky-user-agents logic

* unit tests

* rename openSecret to viewSecret

* code clean-up and style

* rename view secret to reveal secret

* update authors list

* bump version to 1.5.0
 2019-03-05 07:47:07 -08:00
Jon Parise
0bd2b4e8d9 Prepare the 1.4.1 release 
- Update the changelog
- Include our Code of Conduct and Adopters documents
 2018-10-31 15:50:49 -07:00
Brennen Smith
25e10ef8a1 Use local assets for fontawesome for isolated environments. 
Currently FontAwesome uses Cloudflare to serve font assets, however all
of the other assets are delivered locally. This standardizes the assets
to use all local assets from `/static/`.
 2018-07-05 16:43:14 -07:00
Nicholas Charriere
04ead0da32 Bump version: 1.3.0 → 1.4.0 2018-07-03 08:22:23 -07:00
Nicholas Charriere
386a378c5d Add prefix to memcache 2018-07-01 10:19:56 -07:00
Nicholas Charriere
6fe4733baa
Merge pull request #81 from pinterest/bumpversion-1.3.0 
Bump version to 1.3.0
 2018-05-07 09:45:54 -07:00
Nicholas Charriere
e45feb1cfd Bump version to 1.3.0 2018-05-07 09:23:51 -07:00
Nicholas Charriere
173f33f66e
Merge pull request #79 from pinterest/mock-redis 
Mock redis
 2018-05-07 09:13:00 -07:00
Nicholas Charriere
13f294cae5 Use werkzeug quote/unquote functions instead of urllib 2018-05-07 08:21:07 -07:00
Nicholas Charriere
9e7ca474cd py2 and py3 support 2018-05-06 15:07:01 -07:00
Nicholas Charriere
5a0beb1a75 Quote url to fix equal sign breaking outlook clients 2018-05-06 14:57:00 -07:00
Nicholas Charriere
331d421e10 Mock redis in tests using mockredis 2018-05-06 14:29:48 -07:00
Nicholas Charriere
4cf28fb4cc Bump version: 1.1.1 → 1.2.0 2017-05-25 14:08:04 -07:00
Nicholas Charriere
9e5507e9f5 Bump version: 1.1.0 → 1.1.1 2017-05-25 14:07:56 -07:00
Nicholas Charriere
2b4a6a4b50 Merge pull request #65 from samueldg/feature/secure_password_storage 
Feature/secure password storage
 2017-05-16 10:08:17 -07:00
Samuel Dion-Girardeau
734336ef67 Fix alphabetical order in main.py 2017-05-15 21:07:28 -04:00
Guewen Baconnier
7b5f804551 Add Iframely in sneaky user-agents 
This "embeds as a service" is used by many apps/websites. Discovered
when my pass got eaten by the HipChat preview.
 2017-05-12 08:27:52 +02:00
Samuel Dion-Girardeau
dc6054f09c Encrypt passwords stored in Redis 
Using symmetric encryption in the `cryptography`'s `Fernet` class,
we can ensure that no one can snoop the passwords simply by having access
to the Redis store.

An encryption key is sent to the secret receiver, along with the 32 character
Redis key that identifies the secret, which is needed to decrypt the password.
 2017-05-11 21:28:22 -04:00
Nicholas Charriere
e7da786016 Bump version fixing bumpversion workflow, minor 2017-04-28 09:47:46 -07:00
Nicholas Charriere
47d94630db Version should be a string 2017-04-22 22:33:08 -07:00
Nicholas Charriere
ee9e996fa1 All Caps for constant vars 2017-04-22 22:29:25 -07:00
Nicholas Charriere
0edacbe037 Prepare for v1.0.0 release 2017-04-22 22:26:20 -07:00
Nicholas Charriere
e7f8a40065 Merge pull request #50 from jameswthorne/no-zero-length 
Don't allow zero length form submissions
 2017-03-04 10:52:09 -08:00
Nicholas Charriere
86ecb49f94 Merge pull request #52 from jameswthorne/more-ui-tweaks 
Move brief documentation to textarea
 2017-03-04 10:50:55 -08:00
Carlos Moreno
93f6c6c06f Adding skype to SNEAKY_USER_AGENTS 2017-02-17 21:37:46 -06:00
James W Thorne
ef0cdf8e14 Forgot empty function 2017-01-17 18:17:24 -06:00
James W Thorne
21115979c4 Combine checks 2017-01-17 17:44:47 -06:00
James W Thorne
3270e84fed Move brief documentation to textarea 2017-01-12 19:37:51 -06:00
James W Thorne
d9973c3f29 Don't allow zero length form submissions 2017-01-11 21:42:35 -06:00
Nicholas Charriere
f776c7aa28 Merge pull request #46 from frontfoot/404_to_bots 
Return 404 to UserAgents matching /bot/
 2017-01-10 19:47:16 -08:00
Joseph Boiteau
58f4658154
Fix code according to @jparise comments 
- Refactor is_valid_request code
- Add "Facebot/1.0" User-Agent string
 2017-01-11 13:50:42 +11:00
Joseph Boiteau
1651ac4bd5
Return 404 to UserAgents matching list 
Empty User-Agent should not break
Add test for 404 response to /bot/
Wrap User-Agent check in `request_is_valid` method
 2017-01-11 09:48:54 +11:00
Joseph Boiteau
6cdf6f495b
Change wording ‘password’ to ‘secret’ 2017-01-05 11:06:42 +11:00
Joseph Boiteau
d330f94967
Change password input for textarea 2017-01-05 11:01:16 +11:00