MirrorHub/bitwarden_rs
0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-06-01 03:29:03 +02:00
Code Issues Releases Wiki Activity
2053 commits 2 branches 58 tags 18 MiB
Commit graph

85 commits

Author SHA1 Message Date
Daniel García d292269ea0
Make the blacklist logic be cached 2019-10-10 23:21:22 +02:00
Daniel García e6b763026e
Merge branch 'master' into icon-security 2019-10-05 16:45:36 +02:00
BlackDex be2916333b Fixed issue #565 
Issue fixed by omitting the cookie header when cookie_str is empty
 2019-10-05 15:45:09 +02:00
BlackDex 9124d8a3fb Updated icon blacklisting. 
- Blacklisting was not effective for redirects and rel href
- Able to blacklist non global IP's like RFC1918, multicast etc...
 2019-10-05 14:48:15 +02:00
BlackDex e7b6238f43 Added reqwest proxy support 2019-08-12 17:24:32 +02:00
Daniel García c9c3f07171
Updated dependencies and fixed panic getting icons 2019-07-30 19:42:05 +02:00
Daniel García 4b40cda910
Added domain blacklist regex for icons service and improved valid domain check. 
Reorganized the icons code a bit.
 2019-03-18 22:12:39 +01:00
Daniel García 04922f6aa0
Some formatting and dependency updates 2019-03-03 16:11:55 +01:00
BlackDex 3b27dbb0aa Added config option for icon download timeout 2019-02-12 21:56:28 +01:00
Daniel García 877408b808
Implement basic config loading and updating. No save to file yet. 2019-02-06 17:34:29 +01:00
BlackDex 9026cc8d42 Fixed issue when the iconlist is smaller then 5 
When the iconlist was smaller then 5 items, it would cause a panic.
Solved by using .truncate() on the iconlist.
 2019-02-04 17:27:40 +01:00
BlackDex 574b040142 Loop through the iconlist until an icon is found 
Loop for a maximum of 5 times through the iconlist or until a
successful download of an icon.
 2019-02-04 16:59:52 +01:00
BlackDex c13f115473 Fixed issue #380 
- Created a separate function for parsing the sizes attribute
 - Parsing sizes now with regex
 - Should work with any non-digit separator
 2019-02-04 12:55:39 +01:00
BlackDex bc461d9baa Some small changes on the iter of the cookies 2019-01-31 17:58:03 +01:00
BlackDex 5016e30cf2 Added cookies to the icon download request. 
Some sites use XSRF Tokens, or other Tokens to verify a subseqense
response. The cookies which are sent during the page request are now
used when downloading the favicon.

A site which uses this is mijn.ing.nl.
 2019-01-31 15:49:58 +01:00
Daniel García 2a60414031
Reuse the client between requests, and use the client when downloading the icons themselves 2019-01-29 21:21:26 +01:00
BlackDex feb74a5e86 Changed the way to fix the href 
- Using url from reqwest to fix href, this fixes:
   + "//domain.com/icon.png"
   + "relative/path/to/icon.png"
   + "/absolute/path/to/icon.png"
 - Removed fix_href function
 - Some variable changes
 2019-01-29 18:08:23 +01:00
Daniel García c0e350b734
Disable icon downloads, accept optional query after icon href, format and clippy fixes 2019-01-28 23:58:32 +01:00
BlackDex 4de16b2d17 Removed unwrap and added ? 2019-01-27 16:25:02 +01:00
BlackDex da068a43c1 Moved function call to get_icon_url to prevent error bubbeling 2019-01-27 16:03:18 +01:00
BlackDex 9657463717 Added better favicon downloader. 2019-01-27 15:39:19 +01:00
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel. 
Improved some two factor methods.
 2019-01-25 18:24:57 +01:00
Daniel García a797459560
Implement HIBP check [WIP]. 
Add extra security attributes to admin cookie.
Error handling.
 2019-01-20 15:36:33 +01:00
Daniel García 172f1770cf
Embed the icon in the binary, no need to download when it's not going to change 2018-12-30 21:31:12 +01:00
Steven Noonan a55c048a62
icons: implement positive/negative cache TTLs 
Signed-off-by: Steven Noonan <steven@uplinklabs.net>
 2018-12-18 13:33:32 -08:00
Daniel García 94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García 2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested) 2018-12-06 20:35:25 +01:00
Daniel García 8651df8c2a
Fixed some lint issues 2018-09-13 21:55:23 +02:00
Daniel García ea600ab2b8 Don't ignore errors while downloading icons 2018-07-01 15:27:42 +02:00
Daniel García 538dc00234 Improved configuration and documented options. Implemented option to disable web vault and to disable the use of bitwarden's official icon servers 2018-06-12 21:09:42 +02:00
Daniel García 483066b9a0 Some style changes, removed useless matches and formats 2018-06-11 15:44:37 +02:00
Daniel García 0e644d2711 Fixed icons and updated web-vault 2018-02-17 18:48:42 +01:00
Daniel García 84a75c871b Improved error messagees, implemented delete ciphers, attachments and account, implemented two factor recovery. 
Known missing:
 - import ciphers, create ciphers types other than login and card, update ciphers
 - clear and put device_tokens
 - Equivalent domains
 - Organizations
 2018-02-15 19:05:57 +01:00
Daniel García 31bf2bc2b1 Solved some warnings 2018-02-15 00:53:11 +01:00
Daniel García 5cd40c63ed First working version 2018-02-10 01:00:55 +01:00