- 31 Jan, 2014 1 commit
-
-
JC Brand authored
When using OTR with prebind, the user password isn't defined. ============================================================= When not using prebind, the user password is used to encrypt the private key for the OTR session before it's saved in session storage. When using prebind, we ideally want to use the same OTR private key across page loads, so that we don't have to spend the time generating a new one together with AKE on every page load. To do this, we need to store it somewhere, like the browser's session storage. However, I have yet to find a secure way to store the OTR private key that does not expose it to maliciously injected javascript. For now, I've updated the code to generate a new private key and do the AKE with every page reload. I'm considering adding code to store the private key in Session Storage and letting the user explicitly enable this (while making them aware of the risks involved).
-
- 30 Jan, 2014 2 commits
- 28 Jan, 2014 2 commits
- 29 Jan, 2014 2 commits
- 28 Jan, 2014 2 commits
- 25 Jan, 2014 1 commit
-
-
Priyadi Iman Nurcahyo authored
-
- 24 Jan, 2014 1 commit
-
-
GreenLunar authored
-
- 22 Jan, 2014 1 commit
-
-
JC Brand authored
-
- 15 Jan, 2014 3 commits
- 08 Jan, 2014 2 commits
- 07 Jan, 2014 1 commit
-
-
Mako N authored
-
- 01 Jan, 2014 1 commit
-
-
JC Brand authored
Option to enable toolbar call button
-
- 26 Dec, 2013 2 commits
-
-
Pete Nicholls authored
-
Pete Nicholls authored
-
- 18 Dec, 2013 7 commits
-
-
Pete Nicholls authored
-
Pete Nicholls authored
-
Pete Nicholls authored
-
JC Brand authored
-
JC Brand authored
-
JC Brand authored
-
JC Brand authored
Thanks to hejsan.
-
- 17 Dec, 2013 2 commits
- 16 Dec, 2013 6 commits
- 15 Dec, 2013 4 commits