Closed
Bug 1120836
Opened 10 years ago
Closed 10 years ago
Use a lazy getter to decrypt usernames and passwords
Categories
(Toolkit :: Password Manager, enhancement)
Toolkit
Password Manager
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: MattN, Unassigned)
References
Details
Currently, if we construct a login object from storage we decrypt the username and password field at construction time which may lead to a master password prompt. I think we should be able to do the decryption in a lazy getter so the decryption only happens when it's actually needed.
The main use-case at the moment is that we are adding telemetry for saved signons in dependencies of bug 672979 and we don't want to trigger a MP seemingly randomly at telemetry gathering time if, for example, we only need to look at timesUsed or lastUsed.
The was some other use case in the past to avoid a MP prompt in another non-telemetry case but I don't remember what it was at the moment.
Comment 1•10 years ago
|
||
I don't think we should do this for telemetry, as there are better ways to avoid the prompt.
Wallet used to do this, and we explicitly didn't in login manager because a lazy getter can result in a flood of master password prompts and/or having to make lots of code aware of the master password problem.
Given that the direction we're headed towards is a single, explicit sign-in-to-browser action (instead of randomly waiting for something to want a password and trigger the prompt), I'm going to call this WONTFIX.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•