Browse Source

Update 'README.md'

master
erinn 1 month ago
parent
commit
f8fa4c5ec6
1 changed files with 5 additions and 0 deletions
  1. +5
    -0
      README.md

+ 5
- 0
README.md View File

@@ -25,3 +25,8 @@ Lockbox is a barebones form submission app intended to be easily adaptable for d
* Field ordering is not preserved by default. If you would like spreadsheet columns to appear in a certain order, you can give your form fields a number and an underscore, for example `01_name`, `02_address`, `03_phone` etc. The Lockbox app will remove the numeric prefix when creating the spreadsheet.
* Do not name a form field `email` as it is used for detecting bots.
* Submission time, submission number, and submitter IP address are all added automatically.

## Threat Model

* Lockbox's encryption is intended to protect against attackers that gain read-only access to the webserver where the form is hosted. Attackers that get access to encrypted data cannot decrypt it.
* Lockbox does not and cannot protect against attackers that can modify the web app. The app can be modified so that submissions received *after* the compromise are intercepted before they are encrypted. (Submissions received *before* such a compromise would remain safely encrypted.)

Loading…
Cancel
Save