Refusing to fill non-https sites
This commit is contained in:
parent
5f41e4a7c6
commit
97495851af
|
@ -47,6 +47,11 @@ parser.add_argument(
|
||||||
help="Cache 1password session for 30 minutes",
|
help="Cache 1password session for 30 minutes",
|
||||||
action="store_true",
|
action="store_true",
|
||||||
)
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
"--allow-insecure-sites",
|
||||||
|
help="Allow filling credentials on insecure sites",
|
||||||
|
action="store_true",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class Qute:
|
class Qute:
|
||||||
|
@ -325,5 +330,15 @@ class CLI:
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
arguments = parser.parse_args()
|
arguments = parser.parse_args()
|
||||||
|
|
||||||
|
# Prevent filling credentials in non-secure sites if not explicitly allwoed
|
||||||
|
if not arguments.allow_insecure_sites:
|
||||||
|
if urlsplit(os.environ["QUTE_URL"])[0] != "https":
|
||||||
|
Qute.message_error(
|
||||||
|
"Trying to fill a non-secure site. If you want to allow it add the --allow-insecure-sites flag."
|
||||||
|
)
|
||||||
|
logger.error("Refusing to fill credentials on non-secure sites")
|
||||||
|
sys.exit(0)
|
||||||
|
|
||||||
cli = CLI(arguments)
|
cli = CLI(arguments)
|
||||||
sys.exit(cli.run())
|
sys.exit(cli.run())
|
||||||
|
|
Loading…
Reference in New Issue