Closed
Bug 390801
Opened 17 years ago
Closed 16 years ago
Thunderbird "strangely" stores IMAP/POP/LDAP credentials in password manager
Categories
(Thunderbird :: Security, defect)
Thunderbird
Security
Tracking
(Not tracked)
RESOLVED
FIXED
Thunderbird 3.0b2
People
(Reporter: damiano.albani, Unassigned)
References
Details
User-Agent: Mozilla/5.0 (X11; U; Linux i686; fr-FR; rv:1.8.1.3) Gecko/20070310 Iceweasel/2.0.0.3 (Debian-2.0.0.3-1) Build Identifier: Thunderbird 2 When Thunderbird stores connection credentials for IMAP/POP servers into the password manager, the login is embedded in the nsIPassword.host property, e.g. : Host Username Password imap://login@domain.com (empty) <password> mailbox://login@domain.com (empty) <password> Is there any particular technical reason to this ? I'm developing some kind of password management extension for Thunderbird and this behavior causes me some trouble. The issue becomes more annoying with LDAP directories, as only the URI is stored in the host property, losing the "bind DN" information, which can be considered as the username in a way. So, as far as I understand it, it's not possible to have Thunderbird remember the passwords for 2 LDAP directories with the same URI but different bind DN, is it ? On a side note, when you look at stored passwords in the "view saved passwords" window, there can be encoding issues at times, e.g. "firstname.surname" is displayed as "firstname%2Esurname". So I think username and password cells in the XUL tree should be passed through decodeURIComponent(). See <http://mxr.mozilla.org/mozilla1.8/source/mail/components/preferences/viewpasswords.js#205> Reproducible: Always
Comment 1•16 years ago
|
||
This is currently being looked at as part of bug 239131. That bug may not fully resolve the LDAP problems. Marking as a dependency and we can revisit it once bug 239131 is fixed.
Updated•16 years ago
|
Assignee: dveditz → nobody
Comment 2•16 years ago
|
||
The display of these are now fixed with the landing of bug 239131. LDAP directories are a different issue that is already filed.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Updated•16 years ago
|
Target Milestone: --- → Thunderbird 3.0b2
You need to log in
before you can comment on or make changes to this bug.
Description
•