你能帮我制作适用三星A8000的twrp么？？？

it would be nice to add open graph tags to the page, so that sharing a link on pages and programs gives a nice preview of the page.
the basic tags look like this

<meta property="og:title" content="The Rock" />
<meta property="og:type" content="video.movie" />
<meta property="og:url" content="http://www.imdb.com/title/tt0117500/" />
<meta property="og:image" content="http://ia.media-imdb.com/images/rock.jpg" />

Hello,

Thanks for all the great work guys!
If time allows could you please change the way the actual images are linked on the website? Somehow android brosers (or even curl) are unable to correctly follow the link and always come up with the image download site itself (which is named the esact same way as the image plus a .html extension attached to the end). So practically you need an other device (eg. pc) to download the image and then transfer it to the phone/tablet/whatever.

Cheers,
Istvan

Hi BigBiff is possible to add new Brand Umidigi to the twrp tree?
this is the Official Umidigi Recoveries Repository:
https://github.com/ghost-45/Umidigi-
Thanks in advance !

The supersu installation(system mode) in recovery does seem successful, but after booting to system, supersu app says "no su binary installed".

Sir help me building twrp for asus z00sd zc451tg

twrp 3.0.0.0 not working on treltexx

black screen after power on

Attribute “vspace” not allowed on element “iframe” at this point.

Attribute “hspace” not allowed on element “iframe” at this point.

Bad value “true” for attribute “allowfullscreen” on element “iframe”.

The “frameborder” attribute on the “iframe” element is obsolete. Use CSS instead.

The “marginwidth” attribute on the “iframe” element is obsolete. Use CSS instead.

The “marginheight” attribute on the “iframe” element is obsolete. Use CSS instead.

The “allowtransparency” attribute on the “iframe” element is obsolete. Use CSS instead.

The “scrolling” attribute on the “iframe” element is obsolete. Use CSS instead.

The “center” element is obsolete. Use CSS instead.

Attribute “border” not allowed on element “input” at this point.

Attribute “vspace” not allowed on element “iframe” at this point.

Attribute “hspace” not allowed on element “iframe” at this point.

Bad value “true” for attribute “allowfullscreen” on element “iframe”.

The “frameborder” attribute on the “iframe” element is obsolete. Use CSS instead.

The “marginwidth” attribute on the “iframe” element is obsolete. Use CSS instead.

The “marginheight” attribute on the “iframe” element is obsolete. Use CSS instead.

The “allowtransparency” attribute on the “iframe” element is obsolete. Use CSS instead.

The “scrolling” attribute on the “iframe” element is obsolete. Use CSS instead.

errors on twrp.me
not all are important, but some could/should be fixed

When i'm trying send a message in your site, i'm getting error

502 Bad Gateway

nginx/1.10.0 (Ubuntu)

So can you fix that bug, or give me your mail.
P.S. I wanna become a maintainer.

hello,i found that i cant find android_device_lenovo_wt86518 on gerrit.twrp.me so i cant make any changes to the tree.hope to fix it:)

For example, hammerhead normal links points here, here and here, only one mirror has latest version.

The download's link for twrp-2.8.6.0-titan.img points to the same page.

i want to flash twrp.img into my devices.. but i am afraid not to work cause when i itry to backup my recovery.img i says failed as always.. thanks i hope you can help me about this..

GPG fails to verify the latest TWRP for OP3.

Steps to reproduce:

• Download 3.2.1-0 .img + .asc + .md5 from https://eu.dl.twrp.me/oneplus3/twrp-3.2.1-0-oneplus3.img.html
• Download Public Key from https://eu.dl.twrp.me/public.asc
• md5sum -c twrp-3.2.1-0-oneplus2.img.md5 says md5sums match
• gpg> trust TeamWin\r 5\r Give ultimate Trust to public key
• gpg --verify twrp-3.2.1-0-oneplus3.img.asc returns "BAD signature from admin@teamwin..."

I thought maybe I did something wrong, so I tried again today on my office PC (windows). GPG4Win also shows the signature is invalid. Key Fingerprint is fine. GPG on Linux showed the signature was made on Dec 10th 2017...

Now considering I can successfully verify any other image (I tried hammerhead v3.2.1-0 + v3.2.1-1), and the md5sum of my oneplus3 download matches, there's either a rogue image which exploits an md5 collision... Or the .asc is corrupt/for another file.

9979a90f6ca15559c9db21c1b6b14c38 twrp-3.2.1-0-oneplus3.img.asc

Turn off browser content sniffing to protect against content sniffing exploits. When processing a response, browsers sometimes ignore the MIME type in the Content-Type header and guess the type based on the contents of the response. This is called content sniffing and is done to improve the user experience when Content-Type headers are inaccurate or missing. However, this behaviour can be exploited. For example, if your site allows users to share images, an attacker might be able to upload a specially crafted image file that contains JavaScript code. A browser performing content sniffing might then be tricked into executing the malicious file. To reduce content sniffing attacks, set the X-Content-Type-Options response header to nosniff. This tells browsers to avoid guessing response types and to rely only on the Content-Type header.

I am a newbie to GitHub... so, please excuse me if this is not the right place for this issue. I have just (first time with rooting etc.) installed TWRP 2.8.6 (seems to be working fine) on a Moto X 2013 (XT-1052). However, whenever I try to flash CM11/12 from zip file I get the message "Error flashing zip file" and failed as the outcome. Any help would be appreciated.

Hello I want to translate this app to Uyghur language.How can I contact with you?

Attempting to download a recovery image by passing the URL to wget or curl downloads HTML. Specifically, it seems to give the overview page for the download (e.g. https://dl.twrp.me/athene/twrp-3.1.0-0-athene.img.html). Also, if one removes the ".html" from the end of the URL, Firefox (50.1.0) will happily load the exact same page and not prompt a download. I've tried with a couple of different images and they all seem to have the same problem. Clicking on the link itself works as expected although Firefox seems to think the file is text.

For example, trying to download https://dl.twrp.me/athene/twrp-3.1.0-0-athene.img with wget serves up a 7.1KB Web page.

This post on Google Plus seems to describe the same problem: https://plus.google.com/114004832310481604983/posts/7SJYcB1pJB2

Seems like a Web server misconfiguration.

Certification Authority Authorization (CAA), specified in RFC 6844 in 2013, is a proposal to improve the strength of the PKI ecosystem with a new control to restrict which CAs can issue certificates for a particular domain name.

Hi,
There is a step in Odin Install Method that I don't understand ! :
"Note many devices will replace your custom recovery automatically during first boot.
To prevent this, use Google to find the proper key combo to enter recovery.
After typing fastboot reboot, hold the key combo and boot to TWRP."
I know the proper key combo to enter recovery on my device but what about "typing fastboot reboot" ??
What is it ? Can someone explain me clearly what to do just after the installation of TWRP with Odin.

here under TeamWin link is old

As stated I took my perfect-working TWRP 3.3.0 on my Galaxy Note 4 N910V (Verizon Model) and HAD TO upgrade it like a total buffoon, without paying complete and total attention so as to install Lineage 16.0 (Pie) onto it.

Upon reboot into bootloader the finger swipe does not match ANYWHERE I intend to tap/swipe on the screen, and downgrading TWRP to earlier versions through ODIN does nothing. Complete OS boot-up does not allow encryption key entry as the keyboard is "not where you tap it" on the screen resulting in multiple "failed passwords".

Please help me to find the 1st few yellow bricks to step on, and I hope to construct the path to success from there.

In the Internet there are builds for t315. Could you add this device?

Developers have made a black themed twrp app. If Twrp gives the user the native option to view it in Dark instead of White only, it would have been easier in eyes & battery. Because the brightness level in Twrp is usually like 100% by default, so dark option would have made life easier.

Dark mode is a trending feature these days. Why the original app is lacking behind!?

Posted signatures on https://dl.twrp.me/hlte/twrp-3.3.1-0-hlte.img.html:
3e780d2261bf49ebb6f3f5ad7afbf63a twrp-3.3.1-0-hlte.img
d66c0d66cca97ddf67eaeef605a5ed5394b522e53c21c03c8df59a3b87d841a0 twrp-3.3.1-0-hlte.img

Actual current checksums today:
d73a7efe2b0daa967bc301fac370e052 twrp-3.3.1-0-hlte.img
1739f9f996a9e898961b39e08ea3ef54d710dc3560d73d20347de7f78a0345f9 twrp-3.3.1-0-hlte.img

Hello,

Apparently certificate on https://twrp.me has expired. Could you please renew it?

Thanks in advance.

Cheers,
Furai

Implement Strict Transport Security (HSTS) for better security on the site.

using sumbmit on https://twrp.me/contactus/ I get 502 Bad Gateway (nginx error)

On a mobile device, the drop-down menu seems to be placed under the ad banner, so the only clickable link is the contact one. Unless the user dismisses the ad (either by selecting "ad covers page" or by using an ad-blocker), the menu is useless.

I found a broken Link in https://github.com/TeamWin/twrpme/blob/master/_samsung/samsunggalaxytrend.markdown . The device tree doesn't exist anymore. I didn't find another one on github, if so I woud have made a PR to replace it with the actual one.

Edit I found the new one: https://github.com/TeamWin/android_device_samsung_kyleve

I just wanted to let you know that when sending information via the bottom portion of the following link...

https://twrp.me/contactus/

... Results in receiving the following via email:

Mail Delivery System [email protected]
The mail system

[email protected]: host ASPMX.L.GOOGLE.COM[74.125.192.26] said: 550-5.7.1
Unauthenticated email from yahoo.com is not accepted due to domain's
550-5.7.1 DMARC policy. Please contact the administrator of yahoo.com
domain if 550-5.7.1 this was a legitimate mail. Please visit 550-5.7.1
https://support.google.com/mail/answer/2451690 to learn about the 550 5.7.1
DMARC initiative. e22-v6si1187404qvf.247 - gsmtp (in reply to end of DATA
command)

~Ibuprophen

Implement OCSP stapling on the site for better security

Configure your server to send data in a compressed format to reduce transfer times. For compressible files, compression can reduce the amount of data that needs to be sent by around 70% for only a small amount of configuration effort. Text-based data formats such as HTML, CSS, JavaScript, plain text, XML, JSON and SVG should almost always be sent with compression enabled. However, we recommend only compressing responses above 1,000 bytes in size as compressing small files can actually increase the response size and compression has a server CPU overhead. To confirm your server is sending a URL response in a compressed format, you should 1) verify the Content-Encoding response header is being returned and 2) check the value of that header is set to the name of a compression scheme such as gzip, deflate or br. If you're checking from your own machine that runs antivirus software, be aware there's been cases where HTTP scanning features have been found to disable compression before responses reach your browser. Also, it isn't unusual to see misconfigured servers which compress some compressible file types like HTML but forget to do it for others like CSS so be on the look out for this.

not really important for this page, but would also not hurt

Cara psanga ya

After flashing TWRP to my Xiaomi MI5S I had 'no network available' on calls.
Reflashing the xiaomi rom got it to work again.

I am in NL, using TMobile access.

Just curious 😃

the page does not seem to have a favicon.

it is always nice to have an favicon to make the page better looking and easier to distinguish to others in the tab overview.

https://en.wikipedia.org/wiki/Favicon

something like

<link rel="shortcut icon" href="/images/favicon.ico">

I have an Alcatel One Touch Fierce XL, and currently there's no recovery available for it. I love your recovery apps, so how can I put a request in for one to possibly be made?

When I'm using Odin3 v3.12 I get:

FAIL! (Size)

When I'm using Heimdall v1.4.0:

ERROR: Failed to confirm end of file transfer sequence!

Questions:

• What can I do to work around the problem?
• What is the cause?
• I have Samsung Galaxy S4 mini, not branded, Germany. LineageOS calls it serranoltexx, you call it serranoveltexx... is it the same?

Additional Info:

• I confirmed the md5sum for twrp 3.0.2-0
• I also tried twrp 2.8.7.1 with Odin, same error.

Avoid leaking information to attackers by removing response headers that say what software is running on your web server. Many web servers give the name and versions of software that were used to respond to a request within the response headers. For example, a server might respond with the header Server: Apache/2.2.20 (Win32) PHP/5.3.10 when a page is requested. This can give hints to attackers on how to search for vulnerabilities. Response headers that can contain software version information include the Server, Powered-by, ASPNET and ASPNETMVC headers. You should configure your server to suppress headers like these. Note that a determined attacker can uncover details about your server configuration in other ways and can find exploits without knowing this information anyway. However, making life a little harder for an attacker by keeping this information hidden doesn't usually require a lot of effort

currently: `server: nginx/1.10.3 (Ubuntu)

Downloading images with wget fails without error.

$ wget https://dl.twrp.me/crackling/twrp-3.0.3-0-crackling.img
--2017-02-06 01:53:21--  https://dl.twrp.me/crackling/twrp-3.0.3-0-crackling.img
Resolving dl.twrp.me (dl.twrp.me)... 198.27.116.169
Connecting to dl.twrp.me (dl.twrp.me)|198.27.116.169|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7283 (7.1K) [text/html]
Saving to: ‘twrp-3.0.3-0-crackling.img’

twrp-3.0.3-0-crackling.img      100%[===========================>]  7.11K  --.-KB/s  in 0s

2017-02-06 01:53:21 (847 MB/s) - ‘twrp-3.0.3-0-crackling.img’ saved [7283/7283]

$ gpg --verify twrp-3.0.3-0-crackling.img.asc 
gpg: assuming signed data in 'twrp-3.0.3-0-crackling.img'
gpg: Signature made Thu 19 Jan 2017 13:14:41 GMT
gpg:                using RSA key 1D8597D7891A43DF
gpg: BAD signature from "TeamWin <[email protected]>" [unknown]

Instead it downloads the download page. This seems dangerous: a user who doesn't verify the integrity of their download would flash this file to their device.

Additionally, the .asc extension on the signature file suggests that it is ASCII-armoured, but it isn't.

"F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device."

https://f-droid.org

It's been almost a year since I've been trying twrp recovery images for santoni, from twrp-santoni, and even the latest version posted so far, 3.2.3-0, can't decrypt my encrypted LOS (using a pin for decrypting).
I used to have the option of the "teamghost" recovery image, dated from January this year (becoming old?), from ghost-twrp-santoni, but with latest LOS encryption, that one doesn't work anymore either.
This is bad, because when in need to do dirty wipes, to do zip upgrades on major LOS changes, there won't be an option for that. The only option is to do clean wipes, wiping the entire system and data, which should only happen on 1st install...
As we're talking recovery images, I have no clue how to provide data other what I have provided already. Reproducing should be pretty straight forward. Use a pin for security, encrypt, so that decryption requires the pin, and then try decrypting though the recovery TWRP.
Thanks !

Implement Public Key Pinning (HPKP) on the website for better security.

https://dl.twrp.me/chagallwifi/twrp-3.2.3-0-chagallwifi.img.html

This image file seems corrupted - neither the hashes nor the signature matches for me. Am I missing something?

Consider adding preconnect or dns-prefetch resource hints to establish early connections to important third-party origins. learn more

How to set password when enter in twrp? its really?

https://twrp.me/app/

Primary (Europe) -> DEAD

Thanks

there is not robots.txt in the root directory.
having such a file is highly recommended

User-agent: *
Disallow:

this would be a basic robots.txt which would be enough for the beginning

also setting the sitemap location is a nice thing to do
just add Sitemap: http://example.com/sitemap.xml as last line