[Webkit-unassigned] [Bug 213177] [GTK][WPE] Add API to allow applications to handle the HTTP authentication credential storage
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jun 23 08:33:38 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=213177
--- Comment #8 from Michael Catanzaro <mcatanzaro at gnome.org> ---
> 1- Already remembered password will be lost from the user point of view. I'm not sure it's possible to write a migrator that reads the webkit passwords and stores them in ephy.
It's impossible, because there's no way to tell which passwords were saved by WebKit. That's the problem with using the default network schema: all the credentials are "leaked". The only way to clean them up is to delete everything using the default schema, but that would delete credentials saved by random apps. Well, you could write a migrator that would migrate *every* secret, but it would necessarily migrate passwords saved by random apps, so I don't think it's a good idea. I would treat all previous HTTP auth passwords as permanently lost.
It would be nice for WebKit to stop using the default schema altogether when built with USE(GTK4).
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200623/003097bb/attachment.htm>
More information about the webkit-unassigned
mailing list