[kdeconnect] [Bug 494201] New: KDE Connect ignores "Exclude passwords" option and syncs passwords marked as sensitive by KeePassXC

Pavel N bugzilla_noreply at kde.org
Sun Oct 6 10:58:23 BST 2024 

https://bugs.kde.org/show_bug.cgi?id=494201

            Bug ID: 494201
           Summary: KDE Connect ignores "Exclude passwords" option and
                    syncs passwords marked as sensitive by KeePassXC
    Classification: Applications
           Product: kdeconnect
           Version: unspecified
          Platform: Other
                OS: macOS
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: macos-application
          Assignee: turx2003 at gmail.com
          Reporter: nedomik at gmail.com
  Target Milestone: ---

SUMMARY
KDE Connect clipboard synchronization shares passwords copied from KeePassXC,
even though the clipboard content is marked as sensitive by the application and
the option to "Include passwords" is disabled.

STEPS TO REPRODUCE

1) Install KDE Connect on macOS Sonoma 14.6.1 (ARM version,
kdeconnect-kde-master-4354-macos-clang-arm64.dmg).
2) Configure the Clipboard plugin in KDE Connect to automatically share the
clipboard, but disable the "Include passwords (as marked by password managers)"
option.
3) Copy a password using KeePassXC (version 2.7.8).
4) Observe that the password is synced to the connected phone, even though it
should be excluded.

OBSERVED RESULT
When copying a password from KeePassXC, the clipboard is populated with several
MIME types, including:

"org.nspasteboard.ConcealedType"
"com.trolltech.anymime.application--x-nspasteboard-concealed-type"
These types are added by KeePassXC to indicate that the clipboard content is
sensitive. However, KDE Connect still shares this content with connected
devices, despite the "Include passwords" option being disabled.

EXPECTED RESULT
KDE Connect should detect these MIME types (specifically
org.nspasteboard.ConcealedType and
com.trolltech.anymime.application--x-nspasteboard-concealed-type) that mark
clipboard content as sensitive and avoid sharing the clipboard content with
connected devices, particularly when the "Include passwords" option is
disabled.

SOFTWARE/OS VERSIONS
macOS: Sonoma 14.6.1
KDE Connect Version: kdeconnect-kde-master-4354-macos-clang-arm64.dmg (nightly
version)
KeePassXC Version: 2.7.8

ADDITIONAL INFORMATION
When copying a password from KeePassXC, the clipboard on macOS includes MIME
types that indicate sensitive data, added by KeePassXC. KDE Connect should
respect these MIME types to avoid sharing clipboard content marked as
sensitive. The exact MIME types returned by macOS are as follows:
{"public.utf8-plain-text", "com.apple.traditional-mac-plain-text",
"public.utf16-plain-text", "public.text", "com.trolltech.anymime.text--plain",
"org.nspasteboard.ConcealedType",
"com.trolltech.anymime.application--x-nspasteboard-concealed-type"}

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the kde-mac mailing list