Last 0.4 hopefully

So it seems like the issue is solved and the only question remaining is will they accept it.

The big vulnerability was that the password was being saved in the clipboard after pushing the button. I implemented a fix to clear it but the drawback is that method is one in the same for every button pushed not only the password and in that perspective every clipboard entry would have been cleared after 15s not only the password.

Solving this meant I altered the copyable.js file which is where the button is instantiated.

Inside that file there is a param named isSecret which is a boolean and here is the best part, it is only true when the field value is a hidden password.

So I passed the value in that called method which then calls the copable method in the utils.js script as so

I pass the value into the copyToClipboard method, check to see if it is true, because if it is we know we have a password and we will need to clear it and if it is false than that value can stay in the clipboard.

Let us see what the board thinks of these changes… And I also noticed these guys do not put a lot of comments in their code, I mean most of the logic is pretty blunt as to what is going on but comments would have been appreciated.

https://github.com/buttercup/buttercup-desktop/pull/762

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s