summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-07-01clipperz middleware as a router instead of two separate handlers and staticHEADmasterMichael Krelin2-3/+10
2014-06-30builder: add --force-dirty flagMichael Krelin1-1/+4
Besides being good for development, it seems to be a necessity in case we are checked out as a submodule
2014-06-30gitignore node_modules and htdocs directoriesMichael Krelin1-0/+2
quite useful while debugging
2014-06-30path adjustmentsMichael Krelin2-3/+3
2014-06-30reject zero A from the client (as per CLP-01-017)Michael Krelin1-0/+2
2014-06-30adjust SRP to match clipper changeMichael Krelin1-5/+12
2014-06-30Merge remote-tracking branch 'github/master' into nmasterMichael Krelin15-351/+407
2014-06-29change dump path to relativeMichael Krelin1-1/+1
2014-06-29change 'DELETE' to 'TRUNCATE', because why not.Michael Krelin1-1/+1
2014-06-29fix a typo in session store implementationMichael Krelin1-1/+1
2014-06-29update node modules and adjust for the newer expressMichael Krelin3-15/+20
2014-06-21Inproved PRNG configurationGiulio Cesare Solaroli3-6/+6
2014-06-19Mitigation for vulnerability CLP-01-018Giulio Cesare Solaroli3-251/+135
2014-06-02Fixed authentication procedure for offline copyGiulio Cesare Solaroli3-26/+83
2014-05-30Fixed vulnerability CLP-01-016Giulio Cesare Solaroli3-48/+125
2014-05-02Fixed issues reported by cure53.deGiulio Cesare Solaroli5-11/+47
Fixed issues CLP-01-014 and CLP-01-015
2014-05-02added more visible security warning, updated URLsMarco Barulli1-15/+17
2014-04-04Signed commitGiulio Cesare Solaroli0-0/+0
2014-03-19Merge remote-tracking branch 'github/master'Michael Krelin1-1/+1
2013-12-09Merge pull request #51 from jokajak/fixPHPDumpLinkGiulio Cesare Solaroli1-1/+1
Fix dump path for php backend to be relative
2013-12-04Fix dump path for php backend to be relativeJosh1-1/+1
2013-11-29turn off autocompletion for change passphrase formMichael Krelin1-4/+4
2013-11-28frontend: turn off autocompletion for input elements in recordMichael Krelin1-6/+6
otherwise the very presence of saved form values for the same host may (at least in some browsers) ruin the record if it was edited and carelessly saved.
2013-11-27more traceloggingMichael Krelin1-0/+1
2013-11-27switched postgresql schema from json type to plaintextMichael Krelin2-11/+13
2013-11-26when copying node backend files skip htdocs and node_modulesMichael Krelin1-0/+7
both are used while debugging and don't have to break the build
2013-11-26builder: moved temp folder adjustements where it belongsMichael Krelin2-4/+5
it wasn't meant to be in the script language builder, but only should've affected node backend
2013-11-25PG: also tracelog error (if any)Michael Krelin1-2/+2
2013-11-25postgresql-based clipperz own session storeMichael Krelin3-10/+54
the use thereof is not mandatory, but may come in handy for the standalone deployment
2013-11-25make `npm start` show pretty logsMichael Krelin1-1/+1
2013-11-25retrieve header as a string to avoid restringificationMichael Krelin1-4/+4
2013-11-25typo fixMichael Krelin1-1/+1
2013-11-25PG: don't try to commit after rolling backMichael Krelin1-1/+1
2013-11-24nodejs+postgresql backendMichael Krelin9-0/+691
2013-10-02Updated /deltaGiulio Cesare Solaroli34-1356/+15565
Switched from less to scss. Still no build script to update the final CSS, though. Added preliminary support for storing account data on browser's local storage for offline viewing. No public backend currently support this feature.
2013-08-30First release of /delta versionGiulio Cesare Solaroli131-79/+59632
2013-08-16Merge pull request #50 from neilmarion/patch-1Giulio Cesare Solaroli1-1/+3
Update README.md
2013-08-16Update README.mdNeil Marion dela Cruz1-1/+3
I was clueless at first why I'm not redirected to POG when I went to /setup/ . Then I realized that I needed to input my setup_password on the textfield when I inspected the element.
2013-07-17Tentative fix for issue #49Giulio Cesare Solaroli2-14/+0
2013-05-13Upated links to web site;Giulio Cesare Solaroli17-26/+173
added stub for Account Info data. Updated the links to the main website to match the new content/structure. The new Account Info is now completely static; will become dynamic as soon as the backend infrastructure will be in place.
2013-05-03Fixed the markup of the README.md file.Giulio Cesare Solaroli1-3/+4
2013-05-03Added instructions on how to do actual development, using the dev-proxy scriptGiulio Cesare Solaroli1-1/+25
2013-04-26Updated READMEGiulio Cesare Solaroli1-5/+14
2013-04-26Fixed a bug that would "corrupt" header data when upgrading the crypto ↵Giulio Cesare Solaroli1-1/+3
version used to process an account data The problem being that only part of the header section would be re-encrypted, thus ending up with different sections encrypted using different crypto function versions. And this would break when loading data back on next login.
2013-04-26Disabled a debug logGiulio Cesare Solaroli1-1/+1
2013-04-21Updated readmeGiulio Cesare Solaroli1-24/+30
2013-04-21Updated mobile prototypeGiulio Cesare Solaroli12-6112/+23786
2013-04-21Aborted attempt to factor out the Crypto library on its own moduleGiulio Cesare Solaroli14-10967/+0
2013-04-21Removed extra JS libraries no longer used for the mobile versionGiulio Cesare Solaroli35-5986/+0
2013-04-19Fixed an issue on the AES-CTR block modeGiulio Cesare Solaroli22-79/+2098
The previous version of the CTR encoding was incrementing the counter in a weird way, mixing up data from the previous block. The current fix can correctly decrypt data encoded with AES-CTR using other libraries/languages (currently tested only with Python).
[next]