Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Port prompting users on opening new untrusted ZIM from upstream #587

Closed
Jaifroid opened this issue Apr 17, 2024 · 0 comments · Fixed by #588
Closed

Port prompting users on opening new untrusted ZIM from upstream #587

Jaifroid opened this issue Apr 17, 2024 · 0 comments · Fixed by #588
Assignees
@Jaifroid
Labels
security Vulnerabilities or other issues affecting security upstream Should be worked on in kiwix-js
Milestone
Release 3.2.0

Comments

@Jaifroid
Copy link
Member

The new security feature in Kiwix JS prompts a user to check whether they trust the source of a ZIM, and will open it in Safe mode (here called Restricted mode, aka jQuery mode) if not. See kiwix/kiwix-js#1192.

It should be relatively quick to port here.
@Jaifroid Jaifroid added upstream Should be worked on in kiwix-js security Vulnerabilities or other issues affecting security labels Apr 17, 2024
@Jaifroid Jaifroid added this to the Release 3.2.0 milestone Apr 17, 2024
@Jaifroid Jaifroid self-assigned this Apr 17, 2024
@Jaifroid Jaifroid mentioned this issue Apr 17, 2024
Merged
Jaifroid added a commit that referenced this issue Apr 19, 2024
@Jaifroid
Add security verification for untrusted archives #587 (#588)
7c40edd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Jaifroid Jaifroid

Labels
security Vulnerabilities or other issues affecting security upstream Should be worked on in kiwix-js
Projects
None yet
Milestone
Release 3.2.0
Development

Successfully merging a pull request may close this issue.

Add security verification for untrusted archives kiwix/kiwix-js-pwa
1 participant
@Jaifroid