Hemmelig.app issues

As the title says. Add a flag for this.

ZAP Full Scan Report

7

- Site: [https://hemmelig.app](https://hemmelig.app) **New Alerts** - **Content Security Policy (CSP) Header Not Set** [10038] total: 2: - [https://hemmelig.app](https://hemmelig.app) - [https://hemmelig.app/](https://hemmelig.app/) - **Cross-Domain Misconfiguration** [10098] total: 9: - [https://hemmelig.app](https://hemmelig.app) - [https://hemmelig.app/](https://hemmelig.app/)...

github-actions[bot]

Create wallpapers for desktop / mobile

bjarneo

Refactor secret deletion

Considering to create a queue mechanism here to trigger an event when the time is up for deletion

bjarneo

Diffie-Hellman for the encryption

2

Just as mentioned in my original reddit comment Ideally the way I think it should be implemented is with an "Expert mode" option. This way non-technical users won't struggle with...

kr-nn

Make password part of the encryption

1

It makes it hard though while using bcrypt. Which means the hash is always different. However, might be able to inject the password as a sha, which again is encrypted...

bjarneo

Security audit

5

Feel free to audit this application. Would be highly appreciated.

bjarneo

help wanted

Make the development UX a better experience

This means combining the server and the frontend.

bjarneo

Branding

Make it possible to brand the self-hosted version.

bjarneo

Hemmelig.app
Hemmelig.app copied to clipboard

Metadata

Consider to zip the files to prevent the "allow" "block" popup for the multi file download

Restrict the usage of the application for registered users only (if you turn it on)

ZAP Full Scan Report

Create wallpapers for desktop / mobile

Refactor secret deletion

Diffie-Hellman for the encryption

Make password part of the encryption

Security audit

Make the development UX a better experience

Branding

← Metadata

Owner

Metadata

Hemmelig.app Hemmelig.app copied to clipboard

Metadata

← Metadata

Owner

Metadata

Hemmelig.app
Hemmelig.app copied to clipboard