Keeweb integration


#1

Keeweb is a web application for working with databases of the Keepass password manager.

This integrates it into Nextcloud, simply clicking on *.kdbx file opens it.

Install

Nextcloud 11+

Go to the apps area and install it.

Nextcloud 10 (support discontinued)

  1. Go to the releases page, download 0.2.9.
  2. Extract it to your_nextcloud/apps, for example with tar xvf keeweb-0.2.9.tar.gz -C /path/to/your/nextcloud/apps.
  3. Go to “Apps” and then “Not enabled”, scroll down to “Experimental” and enable it.

Issues?

Open an issue on Github (preferred) or just comment here.

Changelog

nextcloud-keeweb (0.4.0

  • Support Nextcloud 12
  • Bundle Keeweb 1.5.0

nextcloud-keeweb (0.3.1)

  • Bundle Keeweb 1.4.1

nextcloud-keeweb (0.3.0)

  • Nextcloud 11 support
  • Drop Nextcloud 10, and Owncloud/Nextcloud 9 support
  • Use repair steps to update filecache

nextcloud-keeweb (0.2.9)

  • Validate info.xml against XSD

nextcloud-keeweb (0.2.8)

  • Bundle Keeweb 1.3.3

nextcloud-keeweb (0.2.7)

  • Bundle Keeweb 1.3.1

nextcloud-keeweb (0.2.6)

  • Support Nextcloud 10
  • Bundle Keeweb 1.3.0

nextcloud-keeweb (0.2.5)

  • Load standard mimetypes before registering our own.

nextcloud-keeweb (0.2.4)

  • Fix path generation for remote file path when installed to subdirectory.
  • Use current server host in pretty filename

nextcloud-keeweb (0.2.3)

  • Use EventDispatcher to hook into files app
  • Use explicit URL and autogenerated version in cache manifest
  • Workaround XML tags being picked up as PHP short tags

nextcloud-keeweb (0.2.2)

  • Fix cleaning open parameter from history
  • Improve URL detection for script injection into the files app

nextcloud-keeweb (0.2.1)

  • Use URL generators everywhere

nextcloud-keeweb (0.2.0)

  • Cleanup duplicate files in history
  • Add child-src to CSP (frame-src is deprecated)
  • Fix cache manifest

nextcloud-keeweb (0.1.0)

  • Initial release

Contributing

  1. Fork the repository on Github and clone your fork.
  2. Create a new branch.
  3. Commit your patch.
  4. Push the branch and open a pull request.

Hosting keePass database on Nextcloud
#2

Error encountered when trying to open file from nextcloud file browser


#3

The filename with its path and the path in the browser (https://cloud.example.org/all_of_this?open=including_this) would be highly interesting here. If the actual data is too sensitive for you, could you look into creating a non-sensitive testcase that reproduces the issue for you?

If you want to dig a bit deeper, you could look into your browsers developer tools (Rightclick -> Inspect (element) -> Network) and look for the failed request and how it looks like.


#4

That’s the log from firefox:

2016-08-09T15:49:35.544Z [app] Loading config from config?file=/alemele/pasrole.kdbxkeeweb:13:24582
2016-08-09T15:49:37.605Z [app] Loaded app config from config?file=/alemele/pasrole.kdbx 2059mskeeweb:13:24743
Error in parsing value for ‘height’. Declaration dropped.keeweb
2016-08-09T15:49:47.755Z [open:/alemele/pasrole.kdbx on Nextcloud] File open requestkeeweb:13:24743
2016-08-09T15:49:47.756Z [open:/alemele/pasrole.kdbx on Nextcloud] Open file from storage webdavkeeweb:13:24743
2016-08-09T15:49:47.757Z [open:/alemele/pasrole.kdbx on Nextcloud] Load from storagekeeweb:13:24743
2016-08-09T15:49:47.758Z [storage-webdav] Load "https://my_domain/remote.php/webdav/alemele/pasrole.kdbx?requesttoken=1wGPhcREwkeKQY%3D%3A1U5fNYPE0mLvFTiAA45eAU%2BkKGZUBOfbj8H209spJCo%3D"keeweb:13:24582
2016-08-09T15:49:47.854Z [storage-webdav] Load error “https://my_domain/remote.php/webdav/alemele/pasrole.kdbx?requesttoken=1wGPhcREwkeKQY%3D%3A1U5fNYPE0mLvFTiAA45eAU%2BkKGZUBOfbj8H209spJCo%3D” 404 95mskeeweb:13:24582
2016-08-09T15:49:47.857Z [open:/alemele/pasrole.kdbx on Nextcloud] Storage load error Object { notFound: true }keeweb:13:24743
2016-08-09T15:49:47.860Z [open-view] Error opening file Object { notFound: true }keeweb:13:25065

And that’s the url shown by the web browser:

https://my_domain/owncloud/apps/keeweb/?open=%2Falemele%2Fpasrole.kdbx

It seems that “owncloud” after domain name is missing in request, it should be:

https://my_domain/owncloud/remote.php/webdav/alemele/pasrole.kdbx?requesttoken=1wGPhcREwkeKQY%3D%3A1U5fNYPE0mLvFTiAA45eAU%2BkKGZUBOfbj8H209spJCo%3D


#5

Also it would be better for me to have the possibility to choose the key file from webdav, stored in another path than password’s database


#6

Wow great integration gonna test it out.


#7

Try 0.2.4, I think I fixed that issue.

Keyfile integration is hard. While there’s a property for the key file path on the model (https://github.com/keeweb/keeweb/blob/develop/app/scripts/models/file-info-model.js#L16) , it’s not being passed from the config we can provide (https://github.com/keeweb/keeweb/blob/develop/app/scripts/models/app-model.js#L79-L85). I’m also not sure what UX story we can expect here, there doesn’t seem to be any popup file chooser we can reuse in Nextcloud, nor a Webdav file browser in Keeweb, and implementing either is a bit out of scope of this app.


#8

Tested 0.2.4, working like a charm.

For keyfile, maybe you can add a search box, no need for popup file chooser, in search box we can enter the path and the first letters


#9

I’m very leery of this. How safe is authenticating to the kdbx database? Does Keeweb unlock when you authenticate to your account or is there additional authentication like with KeePass where you have to decrypt the database? Is it being unlocked locally or remotely on your server? I don’t see info on this


#10

It’s like KeePass, you have to provide the database password and optionally its keyfile if it requires one. The file is loaded into your browser and decrypted only there, Keeweb makes no server connection at all except for downloading the encrypted database and uploading it again on save.

However how much you trust your local browser to hold the decrypted database in memory is a valid concern and whether it’s worth the security to usability trade-of, everybody has to decide for themselves. I certainly wouldn’t do it on an untrusted machine, but I wouldn’t install KeePass and open it with that either in an untrusted environment.


#11

Thank you for the reply jhass. That confirms all I would like to know. I personally feel like it is always a risk to trust your web browser, but I would be interested to try with a partial of my database. Are there any benefits to use Keeweb over locally run KeePass/KeePassX?


#12

For me as Linux user the feature set and UI is better than what’s available as local clients (I switched to the Keeweb desktop version too). A web client mainly allows you to access your database for when you do not have local installation rights or do not want to install something for a reason, yet you do trust the computer enough to access your passwords, or you absolutely have to for something.


#13

Okay cool! I think I might give it a try because I run into your second scenario sometimes


#14

Hello, Keeweb app is no more visible in nextcloud app store? Any reason why?


#15

nextcloud appstore is (or was) just in beta and everything shall be deleted before going online…

Not only keeweb but also other apps and my useraccount are gone…
…so I think the developers have cleared everything while doing an update…

Until it is again available in the store, you can download it from here:


#16

Hello guys,

Each time I try to enable Keeweb in nextcloud 10, it becomes really really slow browsing files but not in the app itself.

I don’t find anything in nextcloud logs…How can I troubleshoot this to provide some logs ?

Regards,


#17

The best is to report issues with an app directly to the bugtracker of this app:

If you don’t have logs, try to provide steps to reproduce this problem and also specify what you mean by really slow browsing (e.g. standard file app takes 30s to load instead of 1s).


#18