bjarneo
bjarneo
How many secrets created on a daily basis: https://github.com/HemmeligOrg/Hemmelig.app/commit/e94934738dd31af66c226df79057c7715ee67502
@RainerZufahl, no, but I can do this today 🚀
It was all coincidence, I just opened my notification page on github 😅
I am in need of this feature as well
@RainerZufahl should be possible to turn off user creation by using this env var: `SECRET_USER_DISABLE`. It is currently only in the bleeding-edge docker image. Will create a release sooner than...
Finding Was able to bypass the mimetype restrictions by simply changing the Content-Type form header to something else. Example from the payload: ``` ------WebKitFormBoundaryEQSxdNw95ZSUWTwh Content-Disposition: form-data; name="file"; filename="MyCompressedFile.zip" Content-Type: application/evilzip...
@RainerZufahl, that is a fair point. Usually this is how passwords are handled by all kinds of applications. One could, however, of course hash the password before shipping it to...
Yeah, correct :) And, if you have an MITM attack, then you surely have other issues as well ;)
https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps/Add_to_home_screen
Since we are using CRA: https://create-react-app.dev/docs/making-a-progressive-web-app/