Merge branch 'master' of soutade.fr:gpass into master

ChangeLog

@@ -1,3 +1,19 @@
+**v1.0 :**
+
+Server
+
+  * Add clear form button for "Add new password" div
+  * If we have a current URL in add form and we have a password entry that match this URL, go to the last when all is deciphered
+
+Addon
+  * Remove old v1 crypto functions & compatibility
+  * Remove old firefox addon code
+  * Remove block_url feature to increase websites compatibility
+  * Force copy password into clipboard for @_ request from popup even if we can fill it
+  * Fix a bug: wait for promise before displaying message for clipboard pasted password
+
+CLI
+
 **v0.9 :**
 
 Server

README.md

@@ -25,7 +25,9 @@ When you're in a login form and you want to use gPass, type your login (case sen
 
 **You can also type "@_masterkey" to only replace your password without automatic submit. This allows to support more websites.**
 
-Another option is to enter your credentials in the new popup menu by clicking on gPass icon. If it's possible, gPass will auto fill password field, if not result password is stored into your clipboard. Popup path is a safest method as website page will never see your masterkey. There is also an option to disable addon for a specific website (it's a local configuration, so it must be done for each browser).
+Another option is to enter your credentials in the new popup menu by clicking on gPass icon. If it's possible, gPass will auto fill password field, if not result password is stored into your clipboard. **Popup path is a safest method as website page will never see your masterkey.**
+
+** Warning ** : Sometimes, addon could make some websites unusable, especially for login form. In this case, you can deactivate it for only one website by clicking right on gPass icon and "disable or enable gPass for this website". It's a local configuration, so it must be done for each browser.
 
 
 Technical details
@@ -82,7 +84,7 @@ A sample configuration file is available _gpass.ini.sample_
 Version Information
 -------------------
 
-Current version is 0.9.
+Current version is 1.0.
 
 
 License

chrome_addon/popup/popup.js

@@ -69,14 +69,18 @@ function _query_tabs_get_password(tabs)
 							function(arg)
 							{
 							    debug("Response to setPassword " + arg);
-							    if (arg == "" || force_copy)
+							    if (arg === "" || force_copy)
 							    {
-								navigator.clipboard.writeText(response.password);
-								notify("Password pasted into clipboard", "");
+								navigator.clipboard.writeText(response.password).then(function() {
+								    notify("Password pasted into clipboard", "");
+								    window.close();
+								});
 							    }
 							    else
+							    {
 								notify("Password filled", "");
-							    window.close();
+								window.close();
+							    }
 							}
 						       );
 				   }

firefox_webextension/popup/popup.js

@@ -21,6 +21,8 @@ var username_filled = false
 
 function _query_tabs_get_password(tabs)
 {
+    var force_copy = false;
+    
     if (tabs.length <= 0) return;
 
     var username = document.getElementById("gPassUsername").value;
@@ -32,6 +34,10 @@ function _query_tabs_get_password(tabs)
     document.getElementById("gPassMasterKey").value = "";
 
     var do_submit = !mkey.startsWith("@_") && username_filled;
+
+    if (mkey.startsWith("@_"))
+	force_copy = true;
+
     if (mkey.startsWith("@@") || mkey.startsWith("@_"))
 	mkey = mkey.substring(2);
 
@@ -63,14 +69,18 @@ function _query_tabs_get_password(tabs)
 							function(arg)
 							{
 							    debug("Response to setPassword " + arg);
-							    if (arg == "")
+							    if (arg === "" || force_copy)
 							    {
-								navigator.clipboard.writeText(response.password);
-								notify("Password pasted into clipboard", "");
+								navigator.clipboard.writeText(response.password).then(function() {
+								    notify("Password pasted into clipboard", "");
+								    window.close();
+								});
 							    }
 							    else
+							    {
 								notify("Password filled", "");
-							    window.close();
+								window.close();
+							    }
 							}
 						       );
 				   }

server/index.php

@@ -158,15 +158,16 @@ if ($user != "")
 {
     echo "<b>Add a new password</b><br/>\n";
 
-    echo 'URL <input type="text" name="url" value="' . (filter_input(INPUT_GET, "url", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
-    echo 'login <input type="text" name="login" value="' . (filter_input(INPUT_GET, "user", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
+    echo 'URL <input type="text" id="new_url" name="url" value="' . (filter_input(INPUT_GET, "url", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
+    echo 'login <input type="text" id="new_login" name="login" value="' . (filter_input(INPUT_GET, "user", FILTER_SANITIZE_SPECIAL_CHARS) ?: "") . '"/>';
     echo 'password <input id="new_password" type="text" name="password"/>';
-    echo 'master key <input type="text" name="mkey" onkeypress="if (event.keyCode == 13) add_password();" onkeyup="chkPass(this.value);"/>';
+    echo 'master key <input type="text" name="mkey" id="new_mkey" onkeypress="if (event.keyCode == 13) add_password();" onkeyup="chkPass(this.value);"/>';
     echo '<input type="button" value="Generate password" onClick="generate_password();"/>';
     echo '<input type="button" value="Generate simple password" onClick="generate_simple_password();"/>';
     echo "<input type=\"button\" name=\"add\" value=\"Add\" onclick=\"add_password();\"/>";
     echo "<br />";
     echo '<div><a href="http://en.wikipedia.org/wiki/Password_strength">Master key strength</a><div id="scorebarBorder"><div id="score">0%</div><div id="scorebar">&nbsp;</div></div></div>';
+    echo "<input type=\"button\" name=\"clear\" value=\"Clear Form\" onclick=\"clear_form();\"/>";
 }
 ?>
 </div>

server/resources/gpass.js

@@ -109,6 +109,21 @@ function generate_simple_password()
     document.getElementById("new_password").value = _generate_random(8, symbols);
 }
 
+function clear_form()
+{
+    div = document.getElementById("add_new_password");
+    
+    inputs = div.getElementsByTagName("input");
+
+    for(i=0; i<inputs.length; i++)
+    {
+	if (inputs[i].type == "text" ||
+	    inputs[i].type == "password")
+	    inputs[i].value = "";
+    }
+    chkPass("");
+}
+
 function url_domain(data) {
     var uri = parseUri(data)
    return uri['host'];
@@ -475,6 +490,7 @@ async function change_master_key(warning_unciphered)
 	    url = document.createElement("input");
 	    url.setAttribute("type", "text");
 	    url.setAttribute("name", "url");
+	    url.setAttribute("id", "unciph_url_" + i);
 	    url.setAttribute("value", passwords[i].clear_url);
 	    div.appendChild(url);
 
@@ -562,6 +578,37 @@ async function change_master_key(warning_unciphered)
 	}
     }
 
+    cur_url = document.getElementById("new_url").value;
+
+    /* If we have a current URL in add form and we have a password entry that match this URL, go to the last */
+    /* Can't do this before, because everything is not displayed from browser */
+    if (cur_url !== "")
+    {
+	cur_url = url_domain(cur_url);
+	for(i=0; i<passwords.length; i++)
+	{
+	    if (!passwords[i].isUnciphered(current_mkey))
+		continue;
+	    url_elem = document.getElementById("unciph_url_" + i);
+	    target_url = url_elem.value;
+	    // Replace wildcard domain by .*<domain>
+	    if (target_url[0] == "*")
+		target_url = "." + target_url;
+	    try {
+		if (cur_url.match(target_url))
+		{
+		    window.scrollTo(0, url_elem.offsetTop);
+		    break;
+		}
+	    }
+	    /* Forgive re errors */
+	    catch(error)
+	    {
+		//console.log(error);
+	    }
+	}
+    }
+
     input = document.getElementById("master_key");
     input.value = "";