Closed Bug 26507 Opened 20 years ago Closed 20 years ago

URL bar should hide passwords

Categories

(Core :: Networking, enhancement, P3)

VERIFIED INVALID

People

(Reporter: elladan, Assigned: gagan)

Details

(Whiteboard: security)

When the user enters passwords in the form of:

ftp://user:password@ftp.host.com/

It would be nice if the URL bar hides the password.  The heuristics for knowing
if the user is entering a password while she's typing it may be a bit goofy
(basically, look for a colon I guess), but at least once the URL is typed in,
this can be determined easily.

The browser should never show passwords in plain text if it can help it.

(Note that currently, the URLs in FTP view are completely broken, so you can't
see where you are at all.  This would be for when they work again ;-)

I think Netscape 4.x did not have this, right?

Leger - where would this go? Networking or Password Cache?

Nope, old 4.x builds never hid the passwords.  I think the old workaround is
just use ftp://you@yourhost.com and let the browser prompt you for your
password.

I think the key thing to check would be to make sure the password is not sent
as part of the URL in the HTTP command.  That would be bad because that info
lands in everybody's HTTP logs.

On the previous note, the password shouldn't go into the browser's history
file without at least prompting first, either.  This is a real issue with
lab settings etc.  (But a different issue from this bug)

Last time I checked, some other popular browsers forced people to enter
their passwords fully on the URL line (no prompt option), and then happily 
saved them in public places.

Moving to networking component
Component: Browser-General → Networking

Reassign to component owner.
Assignee: leger → gagan
QA Contact: cbegle → tever

I don't quite agree that we should try and remove the password from the location
bar. As cbegle pointed out there is a workaround if you don't want your
password to be displayed in the bar. However there is a second point raised by 
her for which I can assure from HTTP side that we don't send the password but 
for FTP I am cc'ing this bug to valeski (to verify we don't send passwords in 
URL with the proxied HTTP request...)
Whiteboard: security

We do send them in FTP.
Target Milestone: M16

Marking as invalid.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID

Marking Verified as Invalid.
Status: RESOLVED → VERIFIED
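
The following is an added example, not part of the bug thread and not Mozilla code. It uses the WHATWG `URL` parser (available in browsers and Node.js) to locate the password component of a fully typed URL, mask it for display, and drop it before the URL is written to history or placed in a request line. The function names, the `****` mask and the sample URLs are constructed for illustration, and the input is assumed to be an absolute URL with a scheme.

```javascript
// Added example: the names below are hypothetical, not browser APIs.

// Parse with the WHATWG URL parser; return null for text that is not a URL.
function parseOrNull(text) {
  try {
    return new URL(text);
  } catch (e) {
    return null;
  }
}

// Location-bar form: user name kept, password replaced by a fixed mask.
// A colon alone is not evidence of a password (it may introduce a port),
// so the decision is made on the parsed password component.
function displayForm(text) {
  const u = parseOrNull(text);
  if (u === null || u.password === "") return text; // nothing to hide
  u.password = "****"; // constructed mask; length does not reveal the secret
  return u.href;
}

// History-file form: keep the user name, never store the password.
function historyForm(text) {
  const u = parseOrNull(text);
  if (u === null || u.password === "") return text;
  u.password = "";
  return u.href;
}

// Request-line / log form: no userinfo at all.
function requestForm(text) {
  const u = parseOrNull(text);
  if (u === null) return text;
  u.username = "";
  u.password = "";
  return u.href;
}

// Constructed sample input, using the URL shape from the report.
const typed = "ftp://user:password@ftp.host.com/";
console.log(displayForm(typed));
console.log(historyForm(typed));
console.log(requestForm(typed));
```

A password containing `@` or `:` is still recognised, because the parser treats the last `@` before the path as the end of the userinfo rather than relying on the first colon.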