Merge branch 'master' of soutade.fr:gpass

ChangeLog

@@ -1,14 +1,17 @@
-**v0.9 :**
+**v0.8.1 :**
+
 Server
 
+  * Scroll to page bottom when user adds a new password
+  * Run a simpler algorithm for wildcard domains
+
 Addon
 
-	* Run a simple algorithm for wildcard domains
+  * Add Privacy Policy information
+  * Run a simpler algorithm for wildcard domains
 
 CLI
 
-	* Run a simple algorithm for wildcard domains
-
 **v0.8 :**
 
 Server

PrivacyPolicy.md

@@ -0,0 +1,47 @@
+gPass web browser extension Privacy Policy
+------------------------------------------
+
+
+## Information we collect ##
+
+The gPass extension collect three information once invoked :
+  * Site address URL
+    * Login name
+      * Master key
+
+
+## How we use information we collect ##
+
+Once collected, site address and login name are crypted by a derived version of your master key.
+It's then sent to the server you configured in extension configuration page for comparison.
+
+This server has been set up by the user himself (recommended) or by a provider he trust in.
+
+The database that the server access to do comparisons only contains the crypted
+version of your information. They are never decrypted in the server side.
+
+If a comparison match, the real password is sent back to your extension were
+it's unencrypted using the same key.
+
+Finally, the application context is cleared and nothing is retained in memory
+nor written anywhere.
+
+
+## Accessing and updating your personal information ##
+
+As a user, you can add, edit and delete your crypted information through
+the web interface of the configuration defined server.
+
+During these operations, no clear information is sent to the server.
+
+
+## Information we share ##
+
+Nothing is shared with anyone. Nor on extension side nor on server side.
+
+
+## Information security ##
+
+Information transmitted to the server are done through an HTTPS AJAX request.
+Data are crypted using AES 256 CBC algorithm and the master key is prior
+derived using PKBDF2 algorithm.

chrome_addon/lib/main.js

@@ -458,4 +458,8 @@ async function self_test()
     	console.log("Self test OK !");
 }
 
+console.log("Welcome to gPass web extension v0.8.1 !");
+console.log("Privacy Policy can be found at http://indefero.soutade.fr/p/gpass/source/tree/master/PrivacyPolicy.md");
+console.log("");
+
 //self_test();

chrome_addon/manifest.json

@@ -3,7 +3,7 @@
 
     "name": "gPass",
     "short_name": "gPass",
-    "version": "0.8",
+    "version": "0.8.1",
     "description": "gPass : global password manager",
     "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
     "author" : "Grégory Soutadé",

firefox_webextension/manifest.json

@@ -3,7 +3,7 @@
 
     "name": "gPass",
     "short_name": "gPass",
-    "version": "0.8",
+    "version": "0.8.1",
     "description": "gPass : global password manager",
     "icons" : {"16":"icons/gpass_icon_16.png", "32":"icons/gpass_icon_32.png", "64":"icons/gpass_icon_64.png", "128":"icons/gpass_icon_128.png"},
     "author" : "Grégory Soutadé",

server/resources/gpass.js

@@ -761,6 +761,8 @@ function add_password()
 	    startClearTimer();
 	});
 
+    window.scrollTo(0,document.body.scrollHeight);
+
     return true;
 }