-
-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bug] Generated links from Web UI are not compatible with REST API v0.16.1 #14
Comments
This is an encryption passphrase. This project has a zero-knowledge approach which ensures the server will never be able to leak secrets sent to it. All secrets are encrypted in the browser and sent in AES256 bit encrypted form to the server. The form of the links is Given the approach of never sending plain secrets to the server you should encrypt your secrets using OpenSSL when creating them from CLI and then append the decryption passphrase to the URL. Keeping this as a reminder to add documentation how to create secrets through CLI and assemble the URL from there. |
Signed-off-by: Knut Ahlers <knut@ahlers.me>
I've added documentation and a script for creating secrets to the repo. Please have a look at the changed README whether the explanation is understandable and meets your use-case. |
Hello Luzifer, thanks for adding that documentation part, much appreciated. This will for sure help with my scenario. Thanks a lot. |
This should apply to v0.17 as well.
Might be a feature request if designed that way from the beginning?
Reproduce (Fedora 31)
web generated links
Generated links add a similar to this |s4ixx29o77a behind the UUID for some reason that is not there in the REST API. (salt?)
this is a web link #1 http://localhost:3000/#6ea9106c-1bc4-4d38-8e48-06c1baefde2e|v3266bllzl
Link works when opened in browser.
this is a web link #2 http://localhost:3000/#1b21cad7-a9c6-45d3-a2d5-885479879d7d|s4ixx29o77a
Link does not work from REST API directly with ot with out the |s4ixx29o77a part
API generated links
Link 1 works from REST API
Link # works from browser - http://localhost:3000/#f69f35ed-5b5d-4c89-a6cc-250b573441a5
this is a rest link #2
Embedded salt?
The text was updated successfully, but these errors were encountered: