From kde-core-devel Tue Apr 19 15:55:54 2011 From: todd rme Date: Tue, 19 Apr 2011 15:55:54 +0000 To: kde-core-devel Subject: Re: Review Request: Using KWallet to store Cookies Message-Id: X-MARC-Message: https://marc.info/?l=kde-core-devel&m=130322862510845 On Tue, Apr 19, 2011 at 7:40 AM, Leo Savernik wrote: > Am Freitag, 21. Januar 2011 schrieb José Millán Soto: >> Currently cookies are stored in a plain text file. This patch allows >> KCookieJar to store the cookies securely using KWallet. >> >> The main problem I had writing this patch was that when a web page is >> requested, KIO ask for the cookies to kded using dbus. In the first >> implementations that I wrote, if the user took too long to open the >> wallet, KIO received a dbus timeout. >> >> To prevent this, if it takes more than 10 seconds to open the wallet, the >> web page will be requested without sending the cookies (or sending the >> available cookies if there's still the plain text cookie file). If the >> wallet is opened after that, the cookies stored in the wallet will be >> available since then. >> >> Because of this, the feature is disabled by default. > > Is this feature going to stay disabled by default? > > I'm asking for two reasons. > 1. My partition is already encrypted. I don't need double encryption. > 2. I'd really hate it if the KWallet password dialog pops up by simply > browsing (while not logging on and not completing forms) as virtually any page > uses cookies. If someone knows enough to encrypted home partitions they probably know enough to disable this feature as well. I think the decision about whether it should be enabled by default should be made based on regular users who don't know as much. -Todd