ehuggett
ehuggett
Hi, It appears (www.)glowing-bear.org points to cloudflare and https is enabled, so it would be really great if insecure requests could be redirected to https and a HSTS (HTTP Strict...
phplist currently uses unsalted single round hashes for admin and user passwords alike (with the option to disable hashing entirely for user passwords so it can be sent to them...
Accepting the send URL on the command line may compromise the secrecy of its secretKey - CLI arguments can be read by other processes e.g. from `/proc/$pid/cmdline` (normally world readable)....
The downloader may not know the name of a file in advance, but may still wish to download and save it to the suggested filename regardless. - Sanity checking of...
@dsnezhkov's [comment](dsnezhkov) (copied here in part) > What I would very much benefit from, since I am using sendclient.* calls is some level of message verbosity suppression. I know download...
none of the api_* functions currently have any tests. - Something like https://pypi.python.org/pypi/requests-mock may be of use here - Running the tests against a local send server would give more...
It would appear the algorithm was changed from NIST SP 800-108 to IETF RFC 5869, and it was renamed to HKDF (so HKDF-CTR is no longer part of the standard?)....
😄
The time can currently be parsed the time from time.txt, this should fix that. Untested, please commit to production immediately in true devops style.