search

vavrecan / keeweb-local-server

Local Server Plugin for KeeWeb
23 stars 9 forks source link

Server password sent in get request #4

Closed infeeeee closed 4 years ago

infeeeee commented 5 years ago

I found in my access logs that server password sent in a get request, so it can be a security vulnerability.

Is it possible to change that to a post request?

vavrecan commented 4 years ago

thank you, modified plugin is now using Authorization http header to pass server password