Closed Bug 955382 Opened 7 years ago Closed 7 years ago
XMPPSession shouldn't keep copies of the account's password
*** Original post on bio 1944 at 2013-04-20 22:43:00 UTC *** *** Due to BzAPI limitations, the initial description is in comment 1 ***
*** Original post on bio 1944 as attmnt 2396 at 2013-04-20 22:43:00 UTC *** Here is the strings kept around by XMPPSession while my Gtalk account is connected: modules\xmpp-session.jsm: "Instantbird" modules\xmpp-session.jsm: "PasSwOrD" modules\xmpp-session.jsm: "gmail.com" modules\xmpp-session.jsm: "1A34D8BCFB8DDCD7" modules\xmpp-session.jsm: "retina" modules\xmpp-authmechs.jsm: "PasSwOrD" modules\xmpp-authmechs.jsm: "f.queze" "Instantbird" is the default resource (exported symbol from this module...), "retina" is my account's resource. "f.queze" and "gmail.com" are part of my JID. The hexadecimal string is the stream id (not sure we really want to keep it). I really dislike that we keep around the user's password, and that we keep account the object from xmpp-authmechs. After the session is started, we no longer need that.
Attachment #8354163 - Flags: review?(clokep)
*** Original post on bio 1944 at 2013-04-20 22:46:18 UTC *** Note: the patch is completely untested; I'll test it the next time I restart my debug build (I would like to keep the current process of it running the whole night to see if memory usage of JS strings increases after a few hours...).
Comment on attachment 8354163 [details] [diff] [review] Patch *** Original change on bio 1944 attmnt 2396 at 2013-04-21 12:17:22 UTC *** I don't see anything unreasonable, but please test it before checking in!
Attachment #8354163 - Flags: review?(clokep) → review+
*** Original post on bio 1944 at 2013-05-21 19:58:58 UTC *** http://hg.instantbird.org/instantbird/rev/9de9c6394579
Assignee: nobody → florian
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → 1.5
You need to log in before you can comment on or make changes to this bug.