Some comment and copyright updates

This commit is contained in:
Grégory Soutadé 2017-07-19 19:12:56 +02:00
parent 39582e0f26
commit 017bda025e
5 changed files with 12 additions and 13 deletions

View File

@ -50,7 +50,7 @@ function str2ab2(str) {
} }
function str2ab(str) { function str2ab(str) {
var buf = new ArrayBuffer(str.length); // 2 bytes for each char var buf = new ArrayBuffer(str.length);
// var buf = new ArrayBuffer(str.length*2); // 2 bytes for each char // var buf = new ArrayBuffer(str.length*2); // 2 bytes for each char
var bufView = new Uint8Array(buf); var bufView = new Uint8Array(buf);
for (var i=0, strLen=str.length; i < strLen; i++) { for (var i=0, strLen=str.length; i < strLen; i++) {

View File

@ -1,5 +1,6 @@
function url_block_callback(details) function url_block_callback(details)
{ {
//console.log(details);
if (details.requestBody) if (details.requestBody)
{ {
if (details.requestBody.formData) if (details.requestBody.formData)
@ -57,7 +58,7 @@ browser.runtime.onMessage.addListener(
{ {
browser.webRequest.onBeforeRequest.addListener( browser.webRequest.onBeforeRequest.addListener(
url_block_callback, url_block_callback,
{urls:[request.options.url], {"urls":[request.options.url],
"types":["main_frame"], "types":["main_frame"],
"tabId":tab.id, "tabId":tab.id,
"windowId":tab.windowId "windowId":tab.windowId
@ -68,7 +69,7 @@ browser.runtime.onMessage.addListener(
{ {
browser.webRequest.onBeforeRequest.addListener( browser.webRequest.onBeforeRequest.addListener(
url_block_callback, url_block_callback,
{urls:[request.options.url], types:["main_frame"]}, {"urls":[request.options.url], "types":["main_frame"]},
["blocking", "requestBody"]); ["blocking", "requestBody"]);
} }
}); });

View File

@ -1,6 +1,6 @@
<?php <?php
/* /*
Copyright (C) 2013-2015 Grégory Soutadé Copyright (C) 2013-2017 Grégory Soutadé
This file is part of gPass. This file is part of gPass.
@ -48,25 +48,23 @@ $PBKDF2_LEVEL=1000;
(to generate a unique PBKDF2 derivation) that result in an access tokens. (to generate a unique PBKDF2 derivation) that result in an access tokens.
With this access token, user has the right to get With this access token, user has the right to get
encrypted login/password values and remove them. encrypted login/password values and remove them.
It's a kind of challenge. It's a kind of challenge but requires more cpu bandwidth
(one derivation + two decryption for each password !).
This option is backward compatible with old version < 0.6 This option is backward compatible with old version < 0.6
For now it's deactivated because it requires high cpu bandwidth
(one derivation + two decryption for each password !). When
standard crypto API will be stable it will be enabled by default.
*/ */
$USE_SHADOW_LOGINS=1; $USE_SHADOW_LOGINS=1;
/* /*
Protection against DDoS. Protection against DDoS.
Each request can contains multiple password combination Each request can contains multiple password combinations
(to support wildcards for example) and multiple names. (to support wildcards for example) and multiple names.
Currently only two passwords are sent from addon : Currently only two passwords are sent from addon :
www.example.com www.example.com
*.example.com *.example.com
But, on future we may also consider 'www.example.*', '*.example.*' and lower case username. But, on future we may also consider 'www.example.*', '*.example.*' and lower case username.
For maximum security, you can set it to 2. For maximum security, you can set it to 2 or 4 if you want to be backward compatible
with addons/extions <= 0.7.
*/ */
$MAX_PASSWORDS_PER_REQUEST=10; $MAX_PASSWORDS_PER_REQUEST=10;

View File

@ -1,6 +1,6 @@
<?php <?php
/* /*
Copyright (C) 2013 Grégory Soutadé Copyright (C) 2013-2017 Grégory Soutadé
This file is part of gPass. This file is part of gPass.

View File

@ -1,6 +1,6 @@
<?php <?php
/* /*
Copyright (C) 2013-2014 Grégory Soutadé Copyright (C) 2013-2017 Grégory Soutadé
This file is part of gPass. This file is part of gPass.