Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private key should not be visible in web UI after initial save #1898

Closed
timcappalli opened this issue Jul 18, 2020 · 3 comments
Closed

Private key should not be visible in web UI after initial save #1898

timcappalli opened this issue Jul 18, 2020 · 3 comments
Assignees
@105th
Labels
enhancement P3: Medium UI
Milestone
v0.107.0

Comments

@timcappalli
Copy link

Issue Details

Private keys should never be visible in plain text in a web UI. This is a major security issue, especially since there can only be 1 user.

  • Version of AdGuard Home server:
    • All versions
  • How did you setup DNS configuration:
    • n/a
  • If it's a router or IoT, please write device model:
    • n/a
  • Operating system and version:
    • all operating systems

Expected Behavior

After saving the HTTPS configuration (/encryption), the private key should not be visible in the web UI again. It should show something like " Saved"

Actual Behavior

The private key is displayed in clear text in the web UI

Screenshots

Deliberately cropped.
image

Additional Information
@ainar-g ainar-g added this to the v0.107.0 milestone Aug 27, 2021
@ainar-g
Copy link
Contributor

ainar-g commented Aug 27, 2021

Good day! The latest edge build, v0.107.0-a.143+8454e65c, should contain an implementation of this feature. It will also be included into v0.107.0-b.9, which we plan to release early next week. Can you check if our solution works for you?

@timcappalli
Copy link
Author

Good day! The latest edge build, v0.107.0-a.143+8454e65c, should contain an implementation of this feature. It will also be included into v0.107.0-b.9, which we plan to release early next week. Can you check if our solution works for you?

Great news @ainar-g, thank you! I will check it out when it hits b.9.

@EugeneOne1
Copy link
Member

@timcappalli, we'll close the issue for now. Please feel free to open new issues on any problems within our solution.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@105th 105th

Labels
enhancement P3: Medium UI
Projects
None yet
Milestone
v0.107.0
Development

No branches or pull requests
5 participants
@ainar-g @ameshkov @timcappalli @105th @EugeneOne1