Ellpeck/ObsidianJustSharePlease
1
0
Fork 0
mirror of https://github.com/Ellpeck/ObsidianJustSharePlease.git synced 2024-05-20 02:01:22 +02:00
Code Issues Projects Releases Wiki Activity

shared

Browse source
This commit is contained in:
Ell 2023-08-17 14:43:49 +02:00
parent d069924887
commit 0eb4bd9a67
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
server/public/index.md
View file

@ -23,7 +23,7 @@ Both allow a set of actions, including sharing the link, updating the share and
## How it Works (and Security)
Just Share Please uses a simple [PHP backend](https://github.com/Ellpeck/ObsidianJustSharePlease/blob/main/server/public/share.php) that accepts requests for sharing, updating and deleting notes.
When sharing a note, its content as well as additional metadata created by the backend is shared in the server's `data` directory. Note content is stored **in plain text**, which means server admins are able to observe all notes and their content and potentially edit them. However, for users of Just Share Please to update or delete a shared note, they have to have access to a **password** that is automatically generated by the backend when sharing a note. You don't have to remember this password yourself, as it is automatically saved in the plugin's settings file. This also means that **deleting your settings** causes you to **lose access to all your shares**.
When sharing a note, its content as well as additional metadata created by the backend is stored in the server's `data` directory. Note content is stored **in plain text**, which means server admins are able to observe all notes and their content and potentially edit them. However, for users of Just Share Please to update or delete a shared note, they have to have access to a **password** that is automatically generated by the backend when sharing a note. You don't have to remember this password yourself, as it is automatically saved in the plugin's settings file. This also means that **deleting your settings** causes you to **lose access to all your shares**.
Due to the fact that note links are generated randomly, it is reasonably difficult for attackers to guess note links and access notes that they're not supposed to. That being said, all notes are still publicly available the same way that YouTube videos set to "Unlisted" are still publicly available: harder to access, but not impossible; not truly private.