Question about references roadmap

SecretKeeper · May 22, 2024, 9:42am

Thank you. Aren’t handling the KeePass’ user/password references still on the roadmap? That would be a killer feature for me…

luckyrat · May 24, 2024, 9:52am

Please can you be more specific about what you want to be changed about the current functionality? What doesn’t work for you at the moment and how would you like it to work in future?

SecretKeeper · May 24, 2024, 1:24pm

Thank you. The use case is - when a site has several domains, and it authenticates from each of the domain separately, but using the same account database, I need to create several entries in KeePass. Think (contrived example) amazon.com and amazon.de, which have login pages (again, only an example) auth.amazon.com/login and auth.amazon.de/login

To handle that I have 2 entries in KeePass. But when I change the (example) Amazon password, I need to update 2 entries.

KeePass has the reference mechanism:

The KeePassRPC is not using that, i.e. when there’s a matching entry, it inserts the literal “{REF:…}” into the username and password field.

The feature request would be to handle those 2 references - for username and for password. I remember there was a discussion that it’s insecure, but these 2 references I think pose no danger whatsoever. It’s only a question of whether it is possible for KeePassRPC to find and open the entry referred to and fetch and insert username and password from it.

The same applies to Kee.pm browser extension.

Thanks.

luckyrat · June 6, 2024, 10:43am

I think the KeePass behaviour is normal and not something we have any influence over.

As for the integration with the browser extension, I’m still not sure exactly what features you are looking for which are not already supported by Placeholder handling

Have you tried enabling the placeholders/references feature?

By the way, this most common of reasons for using references can be more simply solved by just adding a 2nd URL to the Kee “URLs” list in the entry. That way you only need one entry, form filling works on all the URLs and the only potential downside I’m aware of is if you want to use the primary URL within the KeePass interface as your starting point to load the website into your browser. If you’re starting from your browser (e.g. using a bookmark or Google search) that drawback is irrelevant.

There are probably still valid use cases of entry references but in the vast majority of cases they are no longer the best tool for the job.

elieux · June 11, 2024, 7:35pm

Hey. I just upgraded to KeePassRPC v2.0.0 and noticed the REF symbols got filled in instead of the referenced fields’ data. It used to work before the upgrade. Browser extension v3.11.13. I’ll provide more testing if needed.

horst · June 12, 2024, 3:36pm

Why not reading the explanation above
and enable the Kee placeholder function
if you need it.

luckyrat · June 12, 2024, 6:38pm

There was a bug in version 2.0.0 which has been fixed:

github.com/kee-org/keepassrpc

Placeholder field not replaced in browser when updating to keepassrpc version 2

opened 02:48PM - 10 Jun 24 UTC

closed 06:29PM - 12 Jun 24 UTC

CennoxX

bug

When updating to version 2, the setting at KeePass > File > Database Settings… >… Kee > KeePass placeholders > Enable is not respected. I'll have to specifically enable KeePass placeholders also for the individual form fields, otherwise the browser addon only shows something like {TIMEOTP} instead of the numbers. When I enable KeePass placeholders also for the individual form fields, it works again. ![grafik](https://github.com/kee-org/keepassrpc/assets/6975881/4efc6085-3c40-4529-a5b4-a23594d656a0)

Do try to move away from relying on the database-wide enabling of placeholders though, when you get a chance.