Sunday, September 15, 2013

Introducing BrowsePass, a KeePass on the web

Update: Because MyDrive does not serve CSS files as text/css and most browsers block such stylesheets, you may find very disturbing render of the web page as reported in issue #40 (https://bitbucket.org/namn/browsepass/issue/40/very-badly-rendered-page-when-hosted-on). Please use the Chrome app, or another hosting provider.

Update: There is now a Chrome app. If you use the app, you do not need to carry out steps 5 to 7 below.

Update: Please file bugs and feature requests at the project's page.

This post was initially intended to be named "How to have your own open source XXX" where XXX is your favorite commercial online password manager. Then I realized that would have been too deceiving because I don't know jack about them. I have never used them. How can you trust a closed source password management software?

In contrast, BrowsePass is a GPL licensed JavaScript application (and library) to open KeePass password databases in (modern) browsers. It is great when you're on the move and don't bring KeePass with you or cannot install it on your machine but you need to access a password in your vault.

Setting up BrowsePass is as easy as uploading all the files to your web hosting provider. I would recommend you to use MyDrive because it offers WebDAV, and serves files with sane MIME type instead of forcing you to download them. You can use MyDrive as your HTTPS web host, as well as the remote storage for KeePass.

BrowsePass can read a dropped in local database file as well as a remote database file. In the second case, cross origin policy might prevent the loading of remote file, unless the remote server has enabled Cross Origin Resource Sharing (CORS).

In summary, here're the steps to set BrowsePass up for read, with KeePass for write.

  1. Register an account with MyDrive.
  2. Create a database with KeePass.
  3. Upload your database to MyDrive. Let's say you have uploaded it as personal.kdbx.
  4. In KeePass, open URL https://webdav.mydrive.ch/personal.kdbx. From now on, whenever you save, your file on MyDrive will be updated.
  5. Download latest version of BrowsePass.
  6. Unpack and upload all the files to MyDrive.
  7. Browse to https://webdav.mydrive.ch/browsepass.html.
  8. You can either drag and drop a local KeePass database file to the second box, or type in an URL to your database in the first box. The URL can be either relative such as personal.kdbx or an absolute one such as https://webdav.mydrive.ch/personal.kdbx.

Here are some mandatory screenshots. I hope you'll like it.

How to read .NET GZipStream with Python zlib

Just a quick post, sort of a note to myself. The code below can be used to inflate (unzip, decompress) the byte string that was created by .NET GZipStream.

import zlib
data = 'abcdef' # get the input bytestring
data = [10 : ]  # skip the first 10 bytes, .gz file header
decompressed_data = zlib.decompress(data, -zlib.MAX_WBITS)