sniptt-official / ots Goto Github PK
View Code? Open in Web Editor NEW๐ Share end-to-end encrypted secrets with others via a one-time URL
Home Page: https://ots.sniptt.com
License: Apache License 2.0
ots's People
Contributors
Stargazers
Watchers
Forkers
skottklebe jeremyletang waldenn syllogy valgaze 0xhexe simonctrlz zoltangbereczky brianott rmenn fourstash sdileep pseudobobsmith mufidu jithinraj vicdecode adrianmarcon wood-e mirrorfork tkforks suryatmodulus marchanlon antmanler qingshihuangdi mazlorg mnlkrs oznakn cyberflamego marquiserippin mfrank2016 amanbolat ellingwood mfg7-frks kristophercasey nonomal standardgalactic amkid alexrogalskiy andykorg jorik041 brovisa student-777 blazeryoo j0ker-222 sala2000 petrivanes creatorjasonots's Issues
proxy support
import (
"context"
"net"
"net/http"
"time"
)
func main() {
// create a SOCKS5 proxy dialer
dialer, err := proxy.SOCKS5("tcp", "localhost:1080", nil, proxy.Direct)
if err != nil {
// handle error
}
// create a transport that uses the SOCKS5 proxy dialer
transport := &http.Transport{
DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
return dialer.Dial(network, addr)
},
}
// create an http.Client that uses the custom transport
httpClient := &http.Client{
Timeout: 10 * time.Second,
Transport: transport,
}
// use the httpClient to make requests
resp, err := httpClient.Get("https://example.com")
if err != nil {
// handle error
}
defer resp.Body.Close()
// read the response body
// ...
}
Add test for `encrypt` package
Add some basic test coverage starting with the encrypt package.
OTC
Add option to password-protect the encryption key
An interesting optional feature would be to protect the encryption key using a password. The recipient would have to enter the password on the web page, the decryption still fully client-side.
It could be done using derivation directly, stretching the password to derive the encryption key. But that would undermine the encryption security, making the cyphertext as weak/strong as the password. Another approach is to derive a KEK from the password, wrapping the fully random encryption key. This way the cyphertext is not impacted, and the security level of the password is kept client-side.
Do not hardcode version in root command
Ideally, we'd somehow use the current tag when building the binary to embed the version. I am assuming this can be done via ldflags.
npx cdk bootstrap error
npx cdk bootstrap 'aws://123456789012/us-east-1' --profile dev
โณ Bootstrapping environment aws://123456789012/us-east-1...
โ Environment aws://123456789012/us-east-1 failed bootstrapping: Error: Need to perform AWS calls for account 123456789012, but no credentials have been configured
at SdkProvider.forEnvironment (/www/ots/node_modules/aws-cdk/lib/index.js:284:44976)
at async BootstrapStack.lookup (/www/ots/node_modules/aws-cdk/lib/index.js:371:19012)
at async Bootstrapper.modernBootstrap (/www/ots/node_modules/aws-cdk/lib/index.js:372:1084)
at async /www/ots/node_modules/aws-cdk/lib/index.js:376:2104
at async Promise.all (index 0)
at async CdkToolkit.bootstrap (/www/ots/node_modules/aws-cdk/lib/index.js:376:1949)
at async exec4 (/www/ots/node_modules/aws-cdk/lib/index.js:429:51795)
Need to perform AWS calls for account 123456789012, but no credentials have been configured
Do not hardcode API url in `api/client/client.go`
Ideally, this would be configurable, I assume should be possible via ENV var and/or flag during build.
Might also make sense to make this configurable by the user, however that would be a separate issue.
Windows release should use .zip instead of .tar.gz
As in title
Add Windows binary to releases
Encrypted secrets URL
Interested
Don't change the indentation of secrets
Thanks for the interesting tool!
I want to store yaml and json data exactly as they are without changes to their indentation:
{
"foo": "bar"
}Indentation in json is not very important, but can become ugly when the json data is larger.
version: v1alpha1
metadata:
name: secret-data
spec:
data:
- hello worldExpected
The expected outcome is that I get the same data back, without change in indentations. Especially yaml should stay exactly the same because the syntax depends on indentation.
Actual result
{
"foo": "baar"
}version: v1alpha1
metadata:
name: secret-data
spec:
data:
- hello worldIt might be that the fault lies in the underlying encryption package.
Encryption key should leverage URI Fragment
The fragment part of the URI is not sent over the network to the server. That would ensure the key is never seen by your servers.
The following statement would then not be needed anymore by design, as the client code is auditable.
We do not log, track, share, or store the encryption key that protects your secret.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.