Closed Bug 240058 Opened 21 years ago Closed 16 years ago

password manager entries do not include scheme

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: cneberg, Unassigned)

Details

(Whiteboard: CLOSEME?)

The password manager does not remember the http scheme. So it incorrectly assumes that http://somesite.com:443 and https://somesite.com:443 are the same site and suggests you enter your password to the site, no matter whether it is actually secured or not. This bug is a spin off of bug 226278.
I don't think this needs to be flagged confidential. This is how the permission manager works, and we regularly pick up dupes of this so it's not exactly a secret. Some even argue that this is correct behavior (it makes Yahoo work, for instance).
Group: security
Component: Networking: HTTP → Password Manager
-> defaults
Assignee: darin → dveditz
QA Contact: core.networking.http
Product: Browser → Seamonkey
Assignee: dveditz → nobody
SeaMonkey is now using the toolkit Login Manager. This bug should probably be resolved as WFM or FIXED.
Component: Passwords & Permissions → Password Manager
Product: SeaMonkey → Toolkit
QA Contact: password.manager
Whiteboard: CLOSEME?
Fixed by bug 396316.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.