Merge branch 'master' into develop

pull/754/head
antelle 2017-08-31 21:30:20 +02:00
commit 954a38b8d8
7 changed files with 26 additions and 9 deletions

View File

@ -24,7 +24,7 @@ const Locale = require('./util/locale');
const ready = Launcher && Launcher.ready || $;
ready(() => {
if (FeatureDetector.isPopup && AuthReceiver.receive()) {
if (FeatureDetector.isPopup && AuthReceiver.receive() || FeatureDetector.isFrame) {
return;
}
loadMixins();

View File

@ -54,9 +54,7 @@ const AppModel = Backbone.Model.extend({
loadConfig: function(configLocation) {
return new Promise((resolve, reject) => {
if (configLocation.indexOf('//') >= 0) {
throw 'Config must be located on the same domain';
}
this.ensureCanLoadConfig(configLocation);
this.appLogger.debug('Loading config from', configLocation);
const ts = this.appLogger.ts();
const xhr = new XMLHttpRequest();
@ -94,6 +92,19 @@ const AppModel = Backbone.Model.extend({
});
},
ensureCanLoadConfig(url) {
if (!FeatureDetector.isSelfHosted) {
throw 'Configs are supported only in self-hosted installations';
}
const link = document.createElement('a');
link.href = url;
const isExternal = link.host && link.host !== location.host;
if (isExternal) {
throw 'Loading config from this location is not allowed';
}
document.removeChild(link);
},
applyUserConfig(config) {
this.settings.set(config.settings);
if (config.files) {

View File

@ -11,6 +11,7 @@ const FeatureDetector = {
isMobile: MobileRegex.test(navigator.userAgent) || screen.width < MinDesktopScreenWidth,
isPopup: !!((window.parent !== window.top) || window.opener),
isStandalone: !!navigator.standalone,
isFrame: window.top !== window,
isBeta: window.location.href.toLowerCase().indexOf('beta.') > 0,
isSelfHosted: !isDesktop && !/^http(s?):\/\/((localhost:8085)|((app|beta)\.keeweb\.info))/.test(location.href),
needFixClicks: /Edge\/14/.test(navigator.appVersion),

View File

@ -5,13 +5,13 @@
<div class="key-change__message">{{message}}:</div>
<div class="key-change__input">
<input class="key-change__file hide-by-pos" type="file" />
<input class="key-change__pass" type="password" size="30" autocomplete="off" maxlength="1024" autofocus
<input class="key-change__pass" type="password" size="30" autocomplete="new-password" maxlength="1024" autofocus
placeholder="{{Res 'password'}}" />
<div class="key-change__keyfile">
<i class="fa fa-key"></i> {{res 'openKeyFile'}}<span class="key-change__keyfile-name"></span>
</div>
{{#if repeat}}
<input class="key-change__pass-repeat" type="password" size="30" autocomplete="off" maxlength="1024"
<input class="key-change__pass-repeat" type="password" size="30" autocomplete="new-password" maxlength="1024"
placeholder="Repeat password" />
{{/if}}
</div>

View File

@ -50,7 +50,7 @@
<i class="fa fa-warning"></i> {{res 'setFilePassChanged'}}
</span>
</label>
<input type="password" class="settings__input input-base" id="settings__file-master-pass" value="{{password}}" />
<input type="password" class="settings__input input-base" id="settings__file-master-pass" value="{{password}}" autocomplete="new-password" />
<label for="settings__file-key-file">{{res 'setFileKeyFile'}}:</label>
<select class="settings__select settings__select-no-margin input-base" id="settings__file-key-file"></select>
<a id="settings__file-file-select-link">{{res 'setFileSelKeyFile'}}</a>

View File

@ -1,6 +1,6 @@
{
"name": "KeeWeb",
"version": "1.5.4",
"version": "1.5.6",
"description": "Free cross-platform password manager compatible with KeePass",
"main": "main.js",
"homepage": "https://keeweb.info",

View File

@ -8,8 +8,13 @@ Release notes
`-` fixed auto-closing tab when starting from link
`-` fixed tray icon click crash
##### v1.5.6 (2017-08-31)
`-` fix #722: hang on start in desktop
`-` fix #653: auto-closing tab when starting from link
##### v1.5.5 (2017-08-30)
`-` fixed some security issues
`-` fix #621, #340: tray icon crash
`-` fixed some security issues
##### v1.5.4 (2017-06-03)
`-` fix #649: loading keyfiles with path