jks

And today's v1.372 release does exactly that: verified time slots are shown in a different color.

And today's v1.372 release does exactly that: verified time slots are shown in a different color.

Lol. I don't even remember how this stuff works anymore.

So kiwirecorder has a new option "--tlimit-pw" ("--tlimit-password") to specify the time limit exemption password. That was easy. No server changes required (for a change).

What was interesting was that I found an old exemption mechanism in the code that I had forgotten about. It doesn't use a password. I must have put that in there when people were complaining about their kiwirecorder sessions being disconnected (on a time-limited Kiwi) before exemption passwords were implemented. But a hacker who discovered this mechanism could use it in an injection session to get unrestricted browser access, which is exactly what you are seeing.

So the next release will remove this old mechanism and people will have to get the actual password from the Kiwi owner for making long recordings that exceed the time limit (if configured).

Lol. I don't even remember how this stuff works anymore.

So kiwirecorder has a new option "--tlimit-pw" ("--tlimit-password") to specify the time limit exemption password. That was easy. No server changes required (for a change).

What was interesting was that I found an old exemption mechanism in the code that I had forgotten about. It doesn't use a password. I must have put that in there when people were complaining about their kiwirecorder sessions being disconnected (on a time-limited Kiwi) before exemption passwords were implemented. But a hacker who discovered this mechanism could use it in an injection session to get unrestricted browser access, which is exactly what you are seeing.

So the next release will remove this old mechanism and people will have to get the actual password from the Kiwi owner for making long recordings that exceed the time limit (if configured).