wyantb / hashmask Goto Github PK

Current status: gh-pages 404s (I reverted it to a commit that still had it at options.html instead of index.html), example modals are broken, I can fix this soon but not right now (next hour or two probably)

Sorry, but I don't have enough time to fix this immediately. Basically, I made a merge commit (from master) to gh-pages. I realized it broke modals. so I force pushed HEAD^. For some reason, gh-pages no longer has an index.html, I guess it's on a really old commit? If I'm understanding this correctly, the HTML for the examples was accidentally deleted when I merged in from master.

TL;DR Temporary Fix: Please make gh-pages a clone of gh-pages-new. It will have borken modals, but at least it won't 404. If someone doesn't fix this, I will as soon as I get the chance (next few hours).

Sorry about that. >.>

I have a password field that is only 94px wide. The HashMask canvas is currently taking up the entire input area so I cannot click on the password field to type.

I can tab to the password field though so I'm not blocked.

I attributed stuff for the original HashMask, but none of the other code we took. I should actually do that now.

This currently applies to all branches.

What happens:

Set the time lapse to something like 1 second. Type really fast, and then stop. HashMask will blink between the hashmasks for every addition to the string before it finally displays, instead of just immediately showing the hash for the full string. (It displays the first character's hashmask, the first two characters' hashmask, the first three characters' hashmask, ....)

What should happen:

It should show the latest hashmask only once after the time delay, even if multiple characters were typed before the delay.

Also, sorry for the terrible title. Feel free to make it nicer if you can think of anything.

Currently, our extension is called "Hash Mask" in Chrome, "HashMask" on GitHub, and uses both on the options page ("Hash Mask" in title but "HashMask" everywhere else).

Since commit 46acfde, HashMask is not displayed at all on the options page and on other sites.

Probably this one, in this library.

Also consider what the above one is based on, here.

We must please the Unicorn gods.

Also, I suggest we take the validator's whining errors as guidelines. We don't necessarily need completely valid files.

Support other languages (help text, browser_action, and so on).

For now, clicking any image just unhides the carousel, and it shows whatever slide it was on before (though it's still animating in the background).

I should be able to get this to work with .carousel(number).

We have a Changes.md file. Should I convert it to an HTML page for gh-pages?

Current Status: added Changes.md to gh-pages branch, no links to it on HTML pages yet

Now that we're on github, make a Readme.

Note that BOTH modals are titled "About HashMask". I think we should at least fix this. Also, all three links in the Contacts modal are also in the About modal. Should we delete the About modal, or just make the links larger and briefer?

See rit-sse/wtf#28

This issue may be a little misleading, since there's nothing to change in our repo. I simply have this here to remind us to make sure that we're updated on the SSE's project page.

Our master branch is 1.1 megabytes large (ignoring data in .git). That would all need to be downloaded in order for the extension to be installed. Also, this makes loading the preview page slower.

Tips

• Minify anything large that isn't ours (we should keep full versions of our own code, since this is an open source project)
• Remove unneeded images and libraries
• Google Page Speed might be helpful

Edit 1: DERP, I counted the .git directory by accident.
Edit 2: Removed jQuery dev, updating file sizes.

Want ability to import and export current HashMask options.

Help links should not be lame before we go public.

Set a customizable time lapse for how long it takes to show the image.

With the new update, I am getting two things logged to my console: "HashMask received message" and an Object that appears to be for settings.

Version 21.0.1171.0 dev

Edit: title used to be "Make clicking outside of the lightbox on the options page close it"

I'm having a hard time figuring out how to import the required libraries without copy-pasting all of our code into one file (except for inject scripts). Jetpack's docs don't seem to offer any useful information on how to properly require your own files.

error: An exception occurred.
Traceback (most recent call last):
  File "chrome://browser/content/browser.js", line 5215, in delayedStartu
    .init(window);
  File "resource:///components/nsSessionStore.js", line 440, in sss_ini
    this.onLoad(aWindow);
  File "resource:///components/nsSessionStore.js", line 627, in sss_onLoa
    Services.obs.notifyObservers(null, NOTIFY_WINDOWS_RESTORED, "");
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/system/events.js", line 58, in 
    data: data
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 57, in 
    startup(null, options);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 84, in startu
    let program = load(loader, loader.main).exports;
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 177, in loa
    evaluate(sandbox, module.uri);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 142, in evaluat
    : scriptLoader.loadSubScript(uri, sandbox, encoding);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/lib/main.js", line 6, in 
    var sjcl = require(self.data.url("sjcl.js"));
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 207, in requir
    base + " has no authority to load: " + id);
Error: Module: main located at hashmask/lib/main.js has no authority to load: resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/data/sjcl.js

In http://www.southparkstudios.com/full-episodes in the top left (absolute top left, except maybe a tab) there is a random hashmask that I'm pretty sure does not belong there. screenshot included below.
Computer Specs:
Netbook EeePC T101MT
Running FEDORA 17 (BETA)
Chrome 20.0.1132.17 beta

Extensions List (all enabled unless specified otherwise):
Alarm 0.60, Chroma 2.0.1, Cloudy Calculator 6.0.2, colorwheel 1.0.2, Docs PDF/PowerPoint Viewer (by Google) 3.9, Facebook Notifications 1.27, Google +1 Button 1.1.2.424, Google Dictionary (by Google) 3.0.12, Google Mail Checker 3.2, Google+ Notifications 1.0.1.424, HashMask 1.1, Python Shell 2.0.3, Reddit Enhancement Suite 4.1.2, snake 0.0.0.3, Turn Off the Lights 2.0.0.97, Vimium 1.32 (Disabled)

http://i.imgur.com/OGnw1.png

The defining feature of r1.2, I think: A big fat paranoia mode button. This one would display an explanation page telling the user to move their mouse around the screen, so we can collect entropy. Also modifies other settings; increases the default # of millisecond lag to 500, doesn't display a hash for the first 6 characters.

Would only apply after the user clicks OK/Apply/Whatever.

Click on an example. Close the modal. Click on another example. The previous example shows, then hides, and then the new example is shown. This should be more immediate, such as a fade out when a modal is closed and a fade in from an otherwise empty container when a modal is opened.

Whenever I get tracebacks from errors, I always seem to get the same trace twice.
Is the extension not being loaded properly? Something might be repeating in an unwanted way.

Example

Using binary at '/usr/bin/firefox'.
Using profile at '/tmp/tmpPAV9Fh.mozrunner'.
error: An exception occurred.
Traceback (most recent call last):
  File "chrome://browser/content/browser.js", line 5215, in delayedStartu
    .init(window);
  File "resource:///components/nsSessionStore.js", line 440, in sss_ini
    this.onLoad(aWindow);
  File "resource:///components/nsSessionStore.js", line 627, in sss_onLoa
    Services.obs.notifyObservers(null, NOTIFY_WINDOWS_RESTORED, "");
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/system/events.js", line 58, in 
    data: data
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 57, in 
    startup(null, options);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 84, in startu
    let program = load(loader, loader.main).exports;
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 177, in loa
    evaluate(sandbox, module.uri);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 142, in evaluat
    : scriptLoader.loadSubScript(uri, sandbox, encoding);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/lib/main.js", line 6, in 
    var sjcl = require(self.data.url("sjcl.js"));
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 207, in requir
    base + " has no authority to load: " + id);
Error: Module: main located at hashmask/lib/main.js has no authority to load: resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/data/sjcl.js
error: An exception occurred.
Traceback (most recent call last):
  File "chrome://browser/content/browser.js", line 5215, in delayedStartu
    .init(window);
  File "resource:///components/nsSessionStore.js", line 440, in sss_ini
    this.onLoad(aWindow);
  File "resource:///components/nsSessionStore.js", line 627, in sss_onLoa
    Services.obs.notifyObservers(null, NOTIFY_WINDOWS_RESTORED, "");
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/system/events.js", line 58, in 
    data: data
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 57, in 
    startup(null, options);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/addon/runner.js", line 84, in startu
    let program = load(loader, loader.main).exports;
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 177, in loa
    evaluate(sandbox, module.uri);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 142, in evaluat
    : scriptLoader.loadSubScript(uri, sandbox, encoding);
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/lib/main.js", line 6, in 
    var sjcl = require(self.data.url("sjcl.js"));
  File "resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/api-utils/lib/cuddlefish.js", line 207, in requir
    base + " has no authority to load: " + id);
Error: Module: main located at hashmask/lib/main.js has no authority to load: resource://hashmask-at-sse-dot-se-dot-rit-dot-edu/hashmask/data/sjcl.js
Total time: 44.292276 seconds
Program terminated successfully.

Type a password and wait for the delay. Then keep typing again. Your keypresses will not hide the previous hashmask.

If this feels like more of a matter of an opinion, feel free to elaborate.

In the top bar of chrome, add a button that temporarily disables HashMask for [the given domain | everything]. If someone's doing a screencast or something, it would be useful if there was a quick way to disable the hashmask before typing in their password (otherwise, an attacker with sufficient computing time/power could, eventually, grab that password, since they're not limited in # of requests to the server).

When you open the options page, the salt editing field should be grayed out, disabled, and not have the salt shown.

The save button gets turned into an edit button.

etc, usability improvements as needed. Keep the regenerate button, should use same generation method as what we use during installation.

I think this would be a good idea, since:

1. We don't want to make it look like the Firefox port is significantly less important development wise.
2. It's more descriptive and less confusing, especially for a project that's going to be available for multiple browsers.
3. We can change the default branch on GitHub, and renaming our default branch shouldn't break anything as our repo links to the default branch anyway, it's not glued to "master".

Pressing the left and right buttons at either end of the carousel should cause it to loop to the other end, like it does in Bootstrap's docs.

According to an issue on Bootstrap, this is a bug that was fixed in 2.0.2. We have 2.0.1. When I try to update to a (custom, pre-compiled, and complete) version of Bootstrap 2.0.2, bootstrap-responsive.css vanishes, and for some reason the new Bootstrap.css won't load at all, leaving our options page pretty much broken.

How can we fix this? I would like some feedback on how we can safely upgrade to 2.0.2 (unless if you want to do it yourself).

Trying to show a modal results in one of these errors in Chrome's JavaScript console:
Refused to execute inline event handler because of Content-Security-Policy.

This might be an issue with switching to manifest version 2. However, we should try to stick with the current standard manifest format and try to fix this issue, rather than reverting the manifest back.

To clean stuff up. I'm not sure if there is a standard for placing files in Chrome extensions. Also, if you don't think this if important, feel free to delete this issue.

Hey guys, mind checking out the current version of HashMask?

I added the browser action (UI inspired by Page Speed for Chrome), and it uses long-lived connections, so it should be able to enable/disable HashMask immediately for all tabs, without adding new permissions.

Note: I am aware that the popup always shows up with 'On' at this time. I have a few changes and cleanups to make, but it should be functional at this time. Just wondering if you guys can spot any problems I didn't. Thanks!

For code style, organization, and caching reasons, it would be nice if we had the JavaScript for options.html all in one file (since all the JavaScript there is in one place at the bottom anyway, and we can just load this from a different file at the end of the page instead). Want me to do this? It's a really easy fix.

The top bar can only be seen while the page is scrolled to the very top anyway, so the back to top button doesn't do anything useful. Either remove it or use something like bootstrap's scrollspy.

Want a kickass demo somewhere public, where people can see.

Make new visualizations.