Update password manager recipes from a server/kinto/Remote Settings
Categories
(Toolkit :: Password Manager, enhancement, P3)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox83 | --- | fixed |
People
(Reporter: MattN, Assigned: tgiles)
References
(Blocks 2 open bugs, )
Details
(Whiteboard: [passwords:recipes])
Attachments
(1 file)
Once we have recipes in their own file (bug 1134850), we should update them from a secure server periodically. JSON schema: ```json { "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "properties": { "siteRecipes": { "type": "array", "items": { "type": "object", "properties": { "description": { "type": "string" }, "hosts": { "type": "array", "items": { "type": "string" } }, "passwordSelector": { "type": "string" }, "usernameSelector": { "type": "string" }, "pathRegex": { "type": "string" }, "notUsernameSelector": { "type": "string" }, "notPasswordSelector": { "type": "string" } }, "required": [ "description", "hosts" ] } } }, "required": [ "siteRecipes" ] } ```
|
Reporter | |
Updated•7 years ago
|
|
||
Comment 1•6 years ago
|
||
Matt, is it still something you would be interested in?
|
|
Reporter | |
Comment 2•6 years ago
|
||
Plans for the new passwords team are still being worked on so I'm not sure yet. I'll mention this on IRC.
|
||
Updated•5 years ago
|
|
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Updated•3 years ago
|
|
|
Reporter | |
Comment 3•3 years ago
|
||
Hi Benson, are you still the right person to talk to about adding new collections to Remote Settings and kicking this off? I may have some questions for you shortly (e.g. related to tradeoffs on different schemas and versioning of the schema) if I don't find answer in the docs
|
|
||
Comment 4•3 years ago
|
||
Hi Matt, I can try to answer your questions.
About schemas:
- we use them to generate the forms in the UI
- records are validated on creation/update
- the current schema version is stored as record attribute
- when schema is updated, its version is bumped, but no record is modified
- you can filter records based on their schema attribute
See also Kinto API docs https://docs.kinto-storage.org/en/stable/api/1.x/collections.html#collection-json-schema
|
|
||
Comment 5•3 years ago
|
||
Hi Matt,
Yes, I'm the right person to ask.
:leplatrem is the lead engineer and I will defer to him for very specific technical questions.
You can also engage with us in #delivery on slack. I'm in the PST timezone and Mat in a European (UTC+1) timezone.
|
Assignee | |
Updated•3 years ago
|
|
|
Assignee | |
Updated•3 years ago
|
|
|
Reporter | |
Updated•3 years ago
|
|
|
Assignee | |
Comment 6•3 years ago
|
||
|
||
Updated•3 years ago
|
|
||
Comment 7•3 years ago
|
||
:mkmelin,
This bug concerns moving away from the static, in-tree management of recipes for the passwordmgr to Remote Settings, where we can more quickly respond to login form changes in popular sites that would otherwise take weeks to get a fix to end users.
Specifically, the pref signon.recipes.path currently points to chrome://passwordmgr/content/recipes.json, and this patch would move it to resource://app/defaults/settings/main/password-recipes.json - which is a dump from remote settings. This will be essentially static for Fenix/ChromeView, only Firefox will sync these records from the Remote Settings server.
I know TB uses some functions of the password manager, but I don't know if it would ever load LoginRecipes.jsm, or if this new resource path will cause an issue for Thunderbird. Let me know here or on Element/Matrix.
|
||
Comment 8•3 years ago
|
||
Thanks. It looks like Thunderbird doesn't use any of that atm. I'd expect that we need to map/ship resource://app/defaults/settings/main/password-recipes.json though, to avoid test failures.
|
|
||
Updated•3 years ago
|
Pushed by cbrindusan@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6435c885b3cb Update password manager recipes from Remote Settings. r=sfoster,leplatrem,geckoview-reviewers,esawin
|
||
Comment 10•3 years ago
|
||
| bugherder | ||
Description
•