Open Bug 1426656 Opened 4 years ago Updated 1 year ago
Add "disable HTTP authentication prompts" for this site to auth prompt dialog
As we still have reports of bugs like Bug 1425264 it would be good to mitigate this somehow. We have implemented a limit of content 'alert("foo")' attacks by adding a "disable prompts for this site" in context of a tab. Something similar could be implemented for authentication, I think binding to TLD+1 could be the right context. Re-allow should be allowed from the addressbar notification area, probably it could be a permission, to piggyback on the existing model.
Component: Notifications and Alerts → Password Manager
Priority: -- → P2
Priority: P2 → P3
You need to log in before you can comment on or make changes to this bug.