NoLog.cz/decide.nolog.cz
6
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
No description
363 commits 1 branch 0 tags 22 MiB
JavaScript 46.2%
TypeScript 22.8%
PHP 15.6%
Handlebars 11.9%
SCSS 2.4%
Other 1.1%
Find a file
jelhan 04561b66d0 fix tests after update
2015-04-02 20:09:07 +02:00
app missing closing tag 2015-03-25 18:57:27 +01:00
config fix test in browser 2015-01-24 15:35:50 +01:00
public update ember-cli to 1.2.1 and ember to 1.10 2015-04-02 12:56:55 +02:00
server remove hardcoded php-cgi path 2015-01-24 17:00:46 +01:00
tests fix tests after update 2015-04-02 20:09:07 +02:00
.bowerrc first steps to ember-cli 2014-10-30 21:44:22 +01:00
.editorconfig update ember-cli to 1.2.1 and ember to 1.10 2015-04-02 12:56:55 +02:00
.ember-cli first steps to ember-cli 2014-10-30 21:44:22 +01:00
.gitignore first steps to ember-cli 2014-10-30 21:44:22 +01:00
.jshintrc upgrade ember-cli to 0.1.7 2015-01-18 18:06:47 +01:00
.travis.yml just a test 2015-01-24 17:11:23 +01:00
bower.json update to ember-cli 0.2.2 and ember 1.11.0 2015-04-02 20:01:30 +02:00
Brocfile.js update ember-cli to 1.2.1 and ember to 1.10 2015-04-02 12:56:55 +02:00
CONTRIBUTING.md Starting to move to Ember App Kit 2014-07-06 17:37:54 +02:00
LICENSE Starting to move to Ember App Kit 2014-07-06 17:37:54 +02:00
package.json update to ember-cli 0.2.2 and ember 1.11.0 2015-04-02 20:01:30 +02:00
README.md Update README.md 2015-01-20 01:03:24 +01:00
testem.json update ember-cli to 1.2.1 and ember to 1.10 2015-04-02 12:56:55 +02:00

README.md

croodle

Build Status

Croodle is a web application to schedule a date or to do a poll on a general topics. Stored content data like title and description, number and labels of options and available answers and names of users and there selections is encrypted/decrypted in the browser using 256 bits AES.

This is an alpha version. Changes could brake backward compatibility. Also it is not well tested and some features are missing. It is not ment for productive use yet.

Croodle is inspired by ZeroBin and of course by Doodle.

Security notice

As any other web application based end-to-end encryption Croodle could be attacked by an injection of maluse code on serverside or threw a man-in-the-middle attack. If an attacker could inject for example JavaScript, he would be able to read decrypted content in the browser ot the encryption key used and send it to a server under his controll.

Therefore you have to

  • use an encrypted connection to the server hosting Croodle. In most use cases this will be an httpS connection. We strongly recomend people hosting Croodle to force an encrypted connection to Croodle.
  • trust the server.

You could check for an attack like this by using an development tool for your browser and check if unencrypted data of your poll or the encryption key is send over network or is stored in a cookie or the localStorage of your browser for later send.

Requirements

Croodle is designed to have as few as possible requirements on the server it is running on. Croodle runs on almost every web space with PHP. Croodle stores the data in textfiles, so there is no need for a database server like mySQL.

Due to security reasons you should have SSL encryption enabled and provide a valid certificate.

Build process and installation

You have to install node.js package management tool npm, bower and ember-cli before.

git clone git@github.com:jelhan/croodle.git
cd croodle
npm install
bower install
ember build --environment=production

Afterwards copy all files in /dist folder to your werbserver.

Make sure that data/ folder is writeable by the web server.

You should consider to force an SSL encrypted connection.