clients
clients copied to clipboard
Published
20 hours ago •
bitwarden
bitwarden
[PM-7930] Add ability to pop out extension to TDE components
trafficstars
Type of change
- [ ] Bug fix
- [X] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
Objective
We have had a request from customers onboarding with TDE that they would like to be able to pop out the extension while requesting TDE admin or device approval, so that focus is not lost while approval is completed. This is especially important for the device request, as it allows users to approve requests on their desktop app without losing focus on the extension.
Code changes
- login-decryption-options.component.ts: Added
app-pop-outto header. - login-via-auth-request.component.ts: Added
app-pop-outto header.
Screenshots
https://github.com/bitwarden/clients/assets/106564991/db76a2df-c01e-4545-8a35-d204c1b3ce5b
Before you submit
- Please add unit tests where it makes sense to do so (encouraged but not required)
- If this change requires a documentation update - notify the documentation team
- If this change has particular deployment requirements - notify the DevOps team
- Ensure that all UI additions follow WCAG AA requirements
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 28.17%. Comparing base (
b672b03) to head (e48ba3e). Report is 93 commits behind head on main.
Additional details and impacted files
@@ Coverage Diff @@
## main #9037 +/- ##
==========================================
+ Coverage 28.14% 28.17% +0.02%
==========================================
Files 2369 2398 +29
Lines 70049 70656 +607
Branches 13162 13215 +53
==========================================
+ Hits 19718 19904 +186
- Misses 48772 49196 +424
+ Partials 1559 1556 -3
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Checkmarx One – Scan Summary & Details – 095f0ab8-44b3-4004-a295-1b563f542c61
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: [25](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/color-password/color-password.component.ts# L25) | Attack Vector |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [176](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L176) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [481](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L481) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [457](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L457) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: [1268](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-desktop.yml# L1268) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [286](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L286) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: [1222](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-desktop.yml# L1222) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [473](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L473) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-cli.yml: [380](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-cli.yml# L380) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [465](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L465) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [348](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L348) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [169](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L169) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [190](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L190) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [183](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L183) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [236](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L236) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [44](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L44) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [151](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L151) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [70](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L70) | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
 |
Client_JQuery_Deprecated_Symbols | /apps/cli/src/program.ts: [615](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/program.ts# L615) | Attack Vector |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
 |
Client_DOM_Code_Injection | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Code_Injection | /apps/browser/src/autofill/services/collect-autofill-content.service.ts: [1071](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/autofill/services/collect-autofill-content.service.ts# L1071) |
|
Client_DOM_Stored_XSS | /apps/web/src/connectors/sso.ts: [33](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L33) |
|
Client_DOM_XSS | /apps/browser/src/auth/scripts/duo.js: [285](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L285) |
|
Client_DOM_XSS | /apps/browser/src/auth/scripts/duo.js: [285](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L285) |
|
Client_DOM_XSS | /apps/desktop/src/auth/scripts/duo.js: [285](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L285) |
|
Client_DOM_XSS | /apps/desktop/src/auth/scripts/duo.js: [285](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L285) |
|
Client_DOM_XSS | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_XSS | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_XSS | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_XSS | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_XSS | /apps/web/src/connectors/sso.ts: [21](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L21) |
|
Client_DOM_XSS | /apps/web/src/connectors/sso.ts: [19](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L19) |
|
Client_DOM_XSS | /apps/web/src/connectors/sso.ts: [15](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L15) |
|
Absolute_Path_Traversal | /apps/cli/src/commands/serve.command.ts: [315](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/commands/serve.command.ts# L315) |
|
Absolute_Path_Traversal | /apps/cli/src/commands/serve.command.ts: [347](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/commands/serve.command.ts# L347) |
|
Absolute_Path_Traversal | /apps/cli/src/commands/serve.command.ts: [315](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/commands/serve.command.ts# L315) |
|
Absolute_Path_Traversal | /apps/cli/src/commands/serve.command.ts: [347](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/commands/serve.command.ts# L347) |
|
Angular_Improper_Type_Pipe_Usage | /apps/browser/src/vault/popup/components/fido2/fido2-use-browser-link.component.html: [1](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/vault/popup/components/fido2/fido2-use-browser-link.component.html# L1) |
|
Client_Privacy_Violation | /apps/web/src/app/tools/password-generator-history.component.html: [11](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/tools/password-generator-history.component.html# L11) |
|
Client_Privacy_Violation | /apps/web/src/app/tools/password-generator-history.component.html: [11](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/tools/password-generator-history.component.html# L11) |
|
Client_Privacy_Violation | /apps/browser/src/background/runtime.background.ts: [323](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/background/runtime.background.ts# L323) |
|
Client_Privacy_Violation | /apps/web/src/app/tools/reports/pages/breach-report.component.html: [14](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/tools/reports/pages/breach-report.component.html# L14) |
|
Client_Privacy_Violation | /apps/browser/src/auth/popup/account-switching/account.component.ts: [12](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/account-switching/account.component.ts# L12) |
|
Client_Privacy_Violation | /apps/browser/src/auth/popup/account-switching/account.component.ts: [12](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/account-switching/account.component.ts# L12) |
|
Client_Privacy_Violation | /apps/browser/src/auth/popup/account-switching/account.component.ts: [12](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/account-switching/account.component.ts# L12) |
|
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: [26](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/color-password/color-password.component.ts# L26) |
|
Client_Privacy_Violation | /apps/desktop/src/auth/lock.component.html: [32](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/lock.component.html# L32) |
|
Client_Privacy_Violation | /apps/web/src/app/auth/lock.component.html: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/auth/lock.component.html# L18) |
|
Client_Privacy_Violation | /bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts: [161](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts# L161) |
|
Client_Privacy_Violation | /apps/web/src/app/auth/lock.component.html: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/auth/lock.component.html# L18) |
|
Client_Privacy_Violation | /apps/desktop/src/auth/lock.component.html: [32](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/lock.component.html# L32) |
|
Client_Privacy_Violation | /apps/web/src/app/auth/recover-two-factor.component.html: [37](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/auth/recover-two-factor.component.html# L37) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/view.component.html: [534](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/view.component.html# L534) |
|
Client_Privacy_Violation | /bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts: [161](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts# L161) |
|
Client_Privacy_Violation | /apps/web/src/connectors/webauthn-fallback.ts: [116](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/webauthn-fallback.ts# L116) |
|
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: [14](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/color-password/color-password.component.ts# L14) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/view.component.html: [60](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/view.component.html# L60) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/view.component.html: [56](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/view.component.html# L56) |
|
Client_Privacy_Violation | /apps/browser/src/tools/popup/generator/password-generator-history.component.html: [26](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/tools/popup/generator/password-generator-history.component.html# L26) |
|
Client_Privacy_Violation | /apps/browser/src/vault/popup/components/vault/password-history.component.html: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/vault/popup/components/vault/password-history.component.html# L18) |
|
Client_Privacy_Violation | /apps/desktop/src/app/tools/password-generator-history.component.html: [15](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/app/tools/password-generator-history.component.html# L15) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/password-history.component.html: [12](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/password-history.component.html# L12) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/view.component.html: [50](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/view.component.html# L50) |
|
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: [14](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/color-password/color-password.component.ts# L14) |
|
Client_Privacy_Violation | /apps/browser/src/tools/popup/generator/password-generator-history.component.html: [26](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/tools/popup/generator/password-generator-history.component.html# L26) |
|
Client_Privacy_Violation | /apps/browser/src/vault/popup/components/vault/password-history.component.html: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/vault/popup/components/vault/password-history.component.html# L18) |
|
Client_Privacy_Violation | /apps/desktop/src/app/tools/password-generator-history.component.html: [15](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/app/tools/password-generator-history.component.html# L15) |
|
Client_Privacy_Violation | /apps/desktop/src/vault/app/vault/password-history.component.html: [12](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/vault/app/vault/password-history.component.html# L12) |
|
Missing_HSTS_Header | /apps/cli/src/auth/commands/login.command.ts: [707](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/auth/commands/login.command.ts# L707) |
|
SSRF | /libs/importer/src/importers/lastpass/access/services/rest-client.ts: [69](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/importer/src/importers/lastpass/access/services/rest-client.ts# L69) |
|
SSRF | /libs/importer/src/importers/lastpass/access/services/rest-client.ts: [69](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/importer/src/importers/lastpass/access/services/rest-client.ts# L69) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [500](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L500) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [360](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L360) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [508](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L508) |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: [1256](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-desktop.yml# L1256) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [163](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L163) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [82](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L82) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [298](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L298) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [492](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L492) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [188](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L188) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [195](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L195) |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: [1210](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-desktop.yml# L1210) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [181](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L181) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [516](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L516) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [248](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L248) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [202](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L202) |
|
Unpinned Actions Full Length Commit SHA | /build-cli.yml: [404](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/build-cli.yml# L404) |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: [48](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//.github/workflows/version-bump.yml# L48) |
|
Angular_Usage_of_Unsafe_DOM_Sanitizer | /apps/desktop/src/app/components/avatar.component.ts: [75](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/app/components/avatar.component.ts# L75) |
|
Angular_Usage_of_Unsafe_DOM_Sanitizer | /libs/components/src/avatar/avatar.component.ts: [80](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/avatar/avatar.component.ts# L80) |
|
Angular_Usage_of_Unsafe_DOM_Sanitizer | /libs/components/src/icon/icon.component.ts: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/icon/icon.component.ts# L18) |
|
Angular_Usage_of_Unsafe_DOM_Sanitizer | /libs/components/src/icon/icon.component.ts: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/components/src/icon/icon.component.ts# L18) |
|
Client_DOM_Open_Redirect | /apps/browser/src/platform/popup/layout/popup-header.component.ts: [29](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/platform/popup/layout/popup-header.component.ts# L29) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/accessibility-cookie.component.html: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/accessibility-cookie.component.html# L18) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/sso.ts: [21](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L21) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/sso.ts: [19](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L19) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/common.ts: [2](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/common.ts# L2) |
|
Client_DOM_Open_Redirect | /apps/web/src/connectors/sso.ts: [15](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/sso.ts# L15) |
|
Client_DOM_Open_Redirect | /apps/browser/src/tools/popup/generator/password-generator-history.component.ts: [18](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/tools/popup/generator/password-generator-history.component.ts# L18) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: [60](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/login/login-via-auth-request.component.ts# L60) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: [60](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/login/login-via-auth-request.component.ts# L60) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: [52](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/login-via-auth-request.component.ts# L52) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: [52](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/login-via-auth-request.component.ts# L52) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/account-switching/current-account.component.ts: [35](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/account-switching/current-account.component.ts# L35) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: [52](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/login-via-auth-request.component.ts# L52) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: [52](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/login-via-auth-request.component.ts# L52) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: [60](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/login/login-via-auth-request.component.ts# L60) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: [60](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/login/login-via-auth-request.component.ts# L60) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/account-switching/account.component.ts: [24](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/popup/account-switching/account.component.ts# L24) |
|
Client_DOM_Open_Redirect | /apps/browser/src/vault/popup/components/vault/password-history.component.ts: [21](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/vault/popup/components/vault/password-history.component.ts# L21) |
|
Client_DOM_Open_Redirect | /apps/browser/src/vault/popup/components/vault/attachments.component.ts: [32](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/vault/popup/components/vault/attachments.component.ts# L32) |
|
Client_DOM_Open_Redirect | /apps/browser/src/billing/popup/settings/premium.component.ts: [27](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/billing/popup/settings/premium.component.ts# L27) |
|
Client_DOM_Open_Redirect | /libs/common/src/auth/iframe-component.ts: [49](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/common/src/auth/iframe-component.ts# L49) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /libs/common/src/auth/webauthn-iframe.ts: [25](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/common/src/auth/webauthn-iframe.ts# L25) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /libs/common/src/auth/webauthn-iframe.ts: [25](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/common/src/auth/webauthn-iframe.ts# L25) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/scripts/duo.js: [277](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/auth/scripts/duo.js# L277) |
|
Client_Hardcoded_Domain | /apps/web/src/app/billing/shared/payment.component.ts: [56](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/billing/shared/payment.component.ts# L56) |
|
Client_Hardcoded_Domain | /apps/web/src/app/billing/shared/payment.component.ts: [56](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/billing/shared/payment.component.ts# L56) |
|
Client_Hardcoded_Domain | /apps/web/src/connectors/captcha.ts: [57](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/captcha.ts# L57) |
|
Client_JQuery_Deprecated_Symbols | /apps/cli/src/base-program.ts: [115](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/base-program.ts# L115) |
|
Client_JQuery_Deprecated_Symbols | /apps/cli/src/auth/commands/login.command.ts: [575](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/auth/commands/login.command.ts# L575) |
|
Client_JQuery_Deprecated_Symbols | /libs/angular/src/auth/components/update-temp-password.component.ts: [132](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/angular/src/auth/components/update-temp-password.component.ts# L132) |
|
Client_JQuery_Deprecated_Symbols | /libs/angular/src/auth/components/change-password.component.ts: [91](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/angular/src/auth/components/change-password.component.ts# L91) |
|
Client_Use_Of_Iframe_Without_Sandbox | /apps/browser/src/autofill/content/notification-bar.ts: [868](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/autofill/content/notification-bar.ts# L868) |
|
Client_Use_Of_Iframe_Without_Sandbox | /apps/browser/src/autofill/overlay/iframe-content/autofill-overlay-iframe.service.ts: [90](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/browser/src/autofill/overlay/iframe-content/autofill-overlay-iframe.service.ts# L90) |
|
Client_Use_Of_Iframe_Without_Sandbox | /apps/web/src/connectors/duo.ts: [8](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/duo.ts# L8) |
|
Client_Use_Of_Iframe_Without_Sandbox | /apps/web/src/connectors/duo.ts: [8](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/duo.ts# L8) |
|
Client_Weak_Cryptographic_Hash | /libs/common/src/platform/services/web-crypto-function.service.ts: [142](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//libs/common/src/platform/services/web-crypto-function.service.ts# L142) |
|
Client_Weak_Cryptographic_Hash | /apps/desktop/src/proxy/ipc.ts: [24](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/desktop/src/proxy/ipc.ts# L24) |
|
Missing_CSP_Header | /apps/cli/src/auth/commands/login.command.ts: [707](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/cli/src/auth/commands/login.command.ts# L707) |
|
Unprotected_Cookie | /apps/web/src/app/auth/two-factor.component.ts: [137](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/app/auth/two-factor.component.ts# L137) |
|
Unprotected_Cookie | /apps/web/src/connectors/duo-redirect.ts: [57](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/duo-redirect.ts# L57) |
|
Unprotected_Cookie | /apps/web/src/connectors/duo-redirect.ts: [112](https://github.com/bitwarden/clients/blob/auth/pm-7930/add-pop-out-option-to-tde//apps/web/src/connectors/duo-redirect.ts# L112) |
|
Unprotected_Cookie |
More results are available on AST platform
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Note that the scope of this has been reduced to just the login-decryption-options component. I originally included the login-via-auth-request component as well, even though it wasn't explicitly in the ticket, as it seemed like a good thing to do. However, as that component is also used for non-TDE auth request flows, the email address is stored on the loginEmailService and does not persist into the pop-out.
Rather than refactor that use case, I felt it was better to reduce back to the original scope.