You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're (as always) limited by the overlap of Firefox and KeePass API coverage so this is subject to change in case we find some unexpected limitations but this is probably what I'll implement:
Add radio button group to the form field add/edit form to "Enable placeholders"
Add the following text and link to the form field add/edit form: "It is your responsibility to ensure that the placeholders you use do not reduce the security of your database and accounts. You can learn more about placeholders and the impact of using them at ...some documentation URL....."
Create a new database setting to configure the default behaviour of dereferencing. It will default to disabled and the option to enable will be displayed with the following warning on screen: "Changing this setting can increase the risk of information from your database or computer being collected by malicious or compromised websites.
It is strongly recommended to enable this feature only as a temporary aid for migration between KeePassRPC version 1.7.3 and 1.8.
You can find more information at ...some forum URL..."
Change handling of Username and Password fields so that they no longer recurse through all placeholders automatically. Instead they will look specifically for the string within the username/password field and thereafter be considered identical to other text and password fields in this feature.
Call GetPwEntryStringFromDereferencableValue() for all for value strings but only if:
the radio button group is enabled for that form field or
the radio button group is not disabled and the database default setting indicates that we should do so
Replace current SPR calls with the SprCompileFlags overload instead of the deprecated overload currently in use.
The text was updated successfully, but these errors were encountered:
See https://forum.kee.pm/t/kee-and-otp-codes/1037 for background and motivation.
We're (as always) limited by the overlap of Firefox and KeePass API coverage so this is subject to change in case we find some unexpected limitations but this is probably what I'll implement:
Add radio button group to the form field add/edit form to "Enable placeholders"
Add the following text and link to the form field add/edit form: "It is your responsibility to ensure that the placeholders you use do not reduce the security of your database and accounts. You can learn more about placeholders and the impact of using them at ...some documentation URL....."
Create a new database setting to configure the default behaviour of dereferencing. It will default to disabled and the option to enable will be displayed with the following warning on screen: "Changing this setting can increase the risk of information from your database or computer being collected by malicious or compromised websites.
It is strongly recommended to enable this feature only as a temporary aid for migration between KeePassRPC version 1.7.3 and 1.8.
You can find more information at ...some forum URL..."
Change handling of Username and Password fields so that they no longer recurse through all placeholders automatically. Instead they will look specifically for the string within the username/password field and thereafter be considered identical to other text and password fields in this feature.
Call GetPwEntryStringFromDereferencableValue() for all for value strings but only if:
Replace current SPR calls with the SprCompileFlags overload instead of the deprecated overload currently in use.
The text was updated successfully, but these errors were encountered: