Closed
Bug 407567
Opened 18 years ago
Closed 17 years ago
Can't add login with empty formSubmitURL and null httpRealm
Categories
(Toolkit :: Password Manager, defect)
Toolkit
Password Manager
Tracking
()
RESOLVED
FIXED
mozilla1.9
People
(Reporter: fligtar, Assigned: Dolske)
References
Details
Attachments
(1 file, 1 obsolete file)
|
7.67 KB,
patch
|
Gavin
:
review+
damons
:
approval1.9+
|
Details | Diff | Splinter Review |
When trying to add a login with an empty ("") formSubmitURL and a null httpRealm, an exception is thrown: Can't add a login without a httpRealm or formSubmitURL.
An empty formSubmitURL is a wildcard and should be permissible, per dolske.
dolske's suggested workaround seems to work for now - using a fake formSubmitURL and then modifying the login to use an empty one.
|
Assignee | |
Comment 1•18 years ago
|
||
I was probably thinking that this case shouldn't be allowed, since one should presumably have a formSubmitURL for new logins. But adding back old login entries as you're doing from your Password Exporter extension seems like a legitimate use case too.
Assignee: nobody → dolske
OS: Mac OS X → All
Hardware: PC → All
Target Milestone: --- → Firefox 3 M11
|
|
Assignee | |
Comment 2•18 years ago
|
||
Attachment #292340 -
Flags: review?(gavin.sharp)
|
|
Assignee | |
Updated•18 years ago
|
Target Milestone: Firefox 3 beta3 → Firefox 3 beta4
|
|
Assignee | |
Updated•18 years ago
|
Target Milestone: Firefox 3 beta4 → Firefox 3 beta5
|
|
Assignee | |
Comment 3•17 years ago
|
||
Untargeting, but we should probably take this for 3.0.1.
Target Milestone: Firefox 3 beta5 → ---
|
|
Assignee | |
Comment 4•17 years ago
|
||
Updated to trunk, and cleaned up the checking in addLogin. It's a little more verbose than it could be, but I think that helps keep it understandable.
One subtle change from the last patch is that a login with both formSubmitURL and httpRealm set to empty-string will result in the "can't set both" error. I had been trying to throw the "need to set one" error because it's a bit less confusing, but that just ends up complicating things, so meh. I suppose we could just add a couple of lines to treat that as a special case, though.
Attachment #292340 -
Attachment is obsolete: true
Attachment #318948 -
Flags: review?(gavin.sharp)
Attachment #292340 -
Flags: review?(gavin.sharp)
|
||
Updated•17 years ago
|
Attachment #318948 -
Flags: review?(gavin.sharp) → review+
|
|
Assignee | |
Comment 5•17 years ago
|
||
Comment on attachment 318948 [details] [diff] [review]
Patch v.2
a1.9?... narrowly scoped change, exhaustive test coverage, no change to how the browser itself saves passwords.
There's a slight risk of breaking login-saving for an extension setting both both the formSubmitURL and httpRealm fields. Such logins would never be used by Firefox, but it's conceivable an extension could hit this. Talked with Gavin about this, felt it was not likely. If it did happen, fixing the extension should be obvious and trivial. Better to shake out any such use now, than it be a problem later.
Attachment #318948 -
Flags: approval1.9?
|
||
Comment 6•17 years ago
|
||
Comment on attachment 318948 [details] [diff] [review]
Patch v.2
a1.9+=damons
Attachment #318948 -
Flags: approval1.9? → approval1.9+
|
|
Assignee | |
Comment 7•17 years ago
|
||
Checking in toolkit/components/passwordmgr/src/nsLoginManager.js;
new revision: 1.30; previous revision: 1.29
Checking in toolkit/components/passwordmgr/test/unit/head_storage_legacy_1.js;
new revision: 1.11; previous revision: 1.10
Checking in toolkit/components/passwordmgr/test/unit/test_top_loginmgr_1.js;
initial revision: 1.1
Status: NEW → RESOLVED
Closed: 17 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → Firefox 3
|
||
Updated•17 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•