'Re: Review Request: Make the http kioslave use credentials provided'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Review Request: Make the http kioslave use credentials provided
From:       "David Faure" <faure () kde ! org>
Date:       2009-08-20 14:03:27
Message-ID: 20090820140327.24197.8602 () localhost
[Download RAW message or body]



> On 2009-07-20 22:16:56, maelcum wrote:
> > Patch looks good.
> > Caching of credentials is already implemented and should work \
> > unchanged. I wonder whether it would be a good idea *not* to store \
> > credentials supplied by request URL, though... Small critcism: \
> > QLatin1String("") makes no sense. Just use QString() - it is a very \
> > fast constructor that only references a pre-initialized empty QString \
> > object. Converting a QLatin1String, however trivial, is more tedious \
> > for both the programmer and the computer. Since trunk is far away from \
> > any release feel free to commit after the QString() improvement.

I think storing credentials supplied by the request URL -should- be done. \
If you type your password in the url for any reason (faster login e.g. from \
a bookmark, working around a problem with the dialog, ...), you certainly \
don't want to be prompted again for the password for every image or frame \
in the page, or for any link you follow. Certainly the authentication \
should be cached in kpasswdserver at least (not talking about kwallet here, \
of course).


- David


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.kde.org/r/937/#review1693
-----------------------------------------------------------


On 2009-07-20 22:14:18, Michael Leupold wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.kde.org/r/937/
> -----------------------------------------------------------
> 
> (Updated 2009-07-20 22:14:18)
> 
> 
> Review request for kdelibs and maelcum.
> 
> 
> Summary
> -------
> 
> Currently it's not possible to supply http credentials using the request \
> URL (like http://lemma:mypassword@somewhere.com). I couldn't find any \
> other possibility to "infuse" the credentials without user interaction \
> (which is nice to have in some cases, eg. when doing rpc-over-http). 
> This patch is currently more a proof of concept. I'm not sure:
> - if the credentials should be cached in KPasswdServer if authentication \
>                 succeeds
> - if this is the right way at all. Insights very welcome.
> 
> 
> Diffs
> -----
> 
> /trunk/KDE/kdelibs/kioslave/http/http.cpp 1000119 
> 
> Diff: http://reviewboard.kde.org/r/937/diff
> 
> 
> Testing
> -------
> 
> Manual tests using kioclient and konqueror indicate it works as (I) \
> expected. 
> 
> Thanks,
> 
> Michael
> 
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic