Summary:
Password manager tools like Keepassx offer an option to clear
the clipboard/selection after some time, e.g. 10 seconds,
after the password was copied to the clipboard. This works fine,
but unfortunately the password isn't removed from Klipper's
history. This is a great security risk, which may make the use
of password managers impossible.
This patch changes Klipper::applyClipChanges(const QMimeData* clipData)
where clipboard data is inserted into history. If the data has an
additional mime type 'x-kde-passwordManagerHint' with the data 'secret',
it is not inserted into history.
For this to work as designed, password managers should add the
additional mime type 'x-kde-passwordManagerHint' to the mimeData
like following when copying a password to the clipboard:
```
QMimeData* mimeDataClipboard = new QMimeData();
const QString secretStr = "secret";
QByteArray secretBa = secretStr.toUtf8();
mimeDataClipboard->setText(password); // this is the password to copy
mimeDataClipboard->setData("x-kde-passwordManagerHint", secretBa);
clipboard->setMimeData(mimeDataClipboard, QClipboard::Clipboard);
if (clipboard->supportsSelection()) {
// we cannot use the same QMimeData, it's already owned by clipboard
QMimeData* mimeDataSelection = new QMimeData();
mimeDataSelection->setText(password); // this is the password to
copy
mimeDataSelection->setData("x-kde-passwordManagerHint", secretBa);
clipboard->setMimeData(mimeDataSelection, QClipboard::Selection);
}
```
Reviewers: davidedmundson
Reviewed By: davidedmundson
Subscribers: dvratil, broulik, graesslin, davidedmundson, plasma-devel
Tags: #plasma
Differential Revision: https://phabricator.kde.org/D12539
Summary:
Password manager tools like Keepassx offer an option to clear
the clipboard/selection after some time, e.g. 10 seconds,
after the password was copied to the clipboard. This works fine,
but unfortunately the password isn't removed from Klipper's
history. This is a great security risk, which may make the use
of password managers impossible.
This patch changes Klipper::applyClipChanges(const QMimeData* clipData)
where clipboard data is inserted into history. If the data has an
additional mime type 'x-kde-passwordManagerHint' with the data 'secret',
it is not inserted into history.
For this to work as designed, password managers should add the
additional mime type 'x-kde-passwordManagerHint' to the mimeData
like following when copying a password to the clipboard:
```
QMimeData* mimeDataClipboard = new QMimeData();
const QString secretStr = "secret";
QByteArray secretBa = secretStr.toUtf8();
mimeDataClipboard->setText(password); // this is the password to copy
mimeDataClipboard->setData("x-kde-passwordManagerHint", secretBa);
clipboard->setMimeData(mimeDataClipboard, QClipboard::Clipboard);
if (clipboard->supportsSelection()) {
// we cannot use the same QMimeData, it's already owned by clipboard
QMimeData* mimeDataSelection = new QMimeData();
mimeDataSelection->setText(password); // this is the password to
copy
mimeDataSelection->setData("x-kde-passwordManagerHint", secretBa);
clipboard->setMimeData(mimeDataSelection, QClipboard::Selection);
}
```
Reviewers: davidedmundson
Reviewed By: davidedmundson
Subscribers: dvratil, broulik, graesslin, davidedmundson, plasma-devel
Tags: #plasma
Differential Revision: https://phabricator.kde.org/D12539
Newer libprison might give nullpointers depending on compilation
options. Adapt code to be able to handle that.
Differential Revision: https://phabricator.kde.org/D10628
Summary:
ServiceJob::setResult already does a emitResult.
Discovered with the assert created in https://phabricator.kde.org/D9862
Reviewers: #frameworks, #plasma, broulik
Reviewed By: #plasma, broulik
Subscribers: broulik, plasma-devel
Tags: #plasma
Differential Revision: https://phabricator.kde.org/D10629
ECM, when requiring ECM >=5.38, sets CMAKE_*_OUTPUT_DIRECTORY, so the
tests executables are no longer generated in the current binary dir.
Calling add_test() with the signature
add_test(<name> <command> [...])
will not result in any further processing of the <command> argument,
it will be executed as is. Using instead
add_test(NAME <name> COMMAND <command> [...])
will result in <command> getting some handling, cmp. CMake docs:
"If <command> specifies an executable target (created by add_executable())
it will automatically be replaced by the location of the executable
created at build time."
Which is what is needed now here (and also used in ecm_add_test).
l10n daemon script
Roman Geints
Kai Uwe Broulik
Yuri Chornoivan
Laurent Montel
Christoph Feck
Robert Hoffmann
Friedrich W. H. Kossebau
Sune Vuorela
Jaime Torres
Safa AlFulaij