From 015036b499a66a39abee44c7b83f19515efcbbc2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adri=C3=A0=20Casaj=C3=BAs?=
Date: Fri, 12 Apr 2024 15:19:41 +0200
Subject: [PATCH] Prevent proton mailboxes from enabling pgp encryption (#2086)
---
 app/auth/views/change_email.py | 2 ++
 app/dashboard/views/mailbox_detail.py | 11 +++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/app/auth/views/change_email.py b/app/auth/views/change_email.py
index ff93c70a..e5a8e478 100644
--- a/app/auth/views/change_email.py
+++ b/app/auth/views/change_email.py
@@ -3,11 +3,13 @@ from flask_login import login_user
 from app.auth.base import auth_bp
 from app.db import Session
+from app.extensions import limiter
 from app.log import LOG
 from app.models import EmailChange, ResetPasswordCode
 @auth_bp.route("/change_email", methods=["GET", "POST"])
+@limiter.limit("3/hour")
 def change_email():
 code = request.args.get("code")
diff --git a/app/dashboard/views/mailbox_detail.py b/app/dashboard/views/mailbox_detail.py
index 06527b49..f57c5f8b 100644
--- a/app/dashboard/views/mailbox_detail.py
+++ b/app/dashboard/views/mailbox_detail.py
@@ -179,8 +179,15 @@ def mailbox_detail_route(mailbox_id):
 elif request.form.get("form-name") == "toggle-pgp":
 if request.form.get("pgp-enabled") == "on":
- mailbox.disable_pgp = False
- flash(f"PGP is enabled on {mailbox.email}", "success")
+ if mailbox.is_proton():
+ mailbox.disable_pgp = True
+ flash(
+ "Enabling PGP for a Proton Mail mailbox is redundant and does not add any security benefit",
+ "info",
+ )
+ else:
+ mailbox.disable_pgp = False
+ flash(f"PGP is enabled on {mailbox.email}", "info")
 else:
 mailbox.disable_pgp = True
 flash(f"PGP is disabled on {mailbox.email}", "info")
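Review bot: The new `@limiter.limit("3/hour")` on `change_email` carries no comment saying what it protects, and the commit subject does not mention it. The view reads `code` from the query string, so the limit presumably throttles guessing of email-change codes; a line such as `# Throttle guessing of the email-change code; GET and POST both count.` above the decorator would record that intent. How requests are keyed is configured in `app.extensions`, outside this hunk; if the key is the client address, users behind one shared address also share the three attempts per hour, which is worth confirming. The body of `change_email` continues past the end of the hunk.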
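Review bot: The Proton restriction lives only in this `toggle-pgp` form branch, so any other code path that writes `mailbox.disable_pgp` (none is visible in this hunk) would not apply it; enforcing the rule where the flag is set on the model would keep the view and other callers consistent. In the non-Proton branch the flash category changed from "success" to "info", which looks unintended; if so, keep `flash(f"PGP is enabled on {mailbox.email}", "success")`. The Proton message also does not tell the user that PGP was left disabled, so the toggle may appear to have been ignored. `mailbox_detail_route` starts and ends outside the hunk, and how `is_proton()` classifies a mailbox is not shown here.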