Fix Awkward Client IP bug

v1.8.1

fix: awkward bug in the code

Get client IP

• Get client ip from header set in checkHeaders array #39
• Increase the salt rounds for more secure hashing #37
• Add contribution file #35

The Statistical Bugfix

• Reset the form data to allow the user to post new secrets #33
• Add secrets created statistics #32
• Remove the expansion of the textarea #31

Unique ID for password field

Nothing more. Nothing less.

Better encryption

Crypto update: 43ec153

This release also goes from Preact to React. The reason is that preact/compat does not work for all libraries. This is pain.

The Attachment

The main focus of this release is to enable users to upload an image. This requires the users to sign in. Email is required.

Other is if the secret is a base64 encoded string, it will detect this within the frontend, and add a button to convert it to plain text.

The Unlockable

This release will create a more secure storing of secrets. It requires a unique key that is part of the URL in order to unlock the secret. From the README:

You enter https://hemmelig.app, write your sensitive information, expire time, optional password, and click create a secret link. You share the secret link. The receiver of the link opens it, writes the optional password, and retrieves the sensitive information. When a secret link is created, it gets its unique encryption key that is not saved to the database and only will be part of the URL. This means NO ONE can decrypt your secret without the hash(SECRET_MASTER_KEY + YOUR_UNIQUE_ENCRYPTION_KEY), and access to the Redis instance.

The Safari Flaw

Solves a bug with safari that the header was 1000px in height

The Helmet

• fastify-helmet
• Polishing

The Manifest typo release

v1.3.1

Update manifest images url