Password via url requires to be encoded in base64

pull/83/head
Sheng 2019-08-10 14:41:15 +08:00
parent b3c2094cd2
commit 57c9a264ea
1 changed files with 24 additions and 5 deletions

View File

@ -103,6 +103,15 @@ jQuery(function($){
} }
function decode_password(encoded) {
try {
return window.atob(encoded);
} catch (e) {
console.error(e);
}
}
function parse_url_data(string, form_map, opts_map) { function parse_url_data(string, form_map, opts_map) {
var i, pair, key, val, var i, pair, key, val,
arr = string.split('&'); arr = string.split('&');
@ -112,6 +121,10 @@ jQuery(function($){
key = pair[0].trim().toLowerCase(); key = pair[0].trim().toLowerCase();
val = pair[1] && pair[1].trim(); val = pair[1] && pair[1].trim();
if (key === 'password' && val) {
val = decode_password(val);
}
if (form_map[key] === '') { if (form_map[key] === '') {
form_map[key] = val; form_map[key] = val;
} else if (opts_map[key] === '') { } else if (opts_map[key] === '') {
@ -762,18 +775,24 @@ jQuery(function($){
restore_items(fields); restore_items(fields);
initialize_map(fields.concat(['password']), url_form_data); initialize_map(fields.concat(['password', 'totp']), url_form_data);
initialize_map(['bgcolor', 'title', 'encoding', 'command'], url_opts_data); initialize_map(['bgcolor', 'title', 'encoding', 'command'], url_opts_data);
parse_url_data( parse_url_data(
decode_uri(window.location.search.substring(1)) + '&' + decode_uri(window.location.hash.substring(1)), decode_uri(window.location.search.substring(1)) + '&' + decode_uri(window.location.hash.substring(1)),
url_form_data, url_opts_data url_form_data, url_opts_data
); );
console.log(url_form_data); // console.log(url_form_data);
console.log(url_opts_data); // console.log(url_opts_data);
if (url_form_data.password === undefined) {
log_status('Password via url must be encoded in base64.');
} else {
if (url_form_data.hostname && url_form_data.username) { if (url_form_data.hostname && url_form_data.username) {
connect(url_form_data); connect(url_form_data);
} else {
log_status('Values of hostname and username are required.');
}
} }
}); });