Open cloutierjo opened 7 years ago
+1
As a work around with keepass, I've added a custom auto type sequence based on the basic auth popup title. So connecting to those 4 web sites I use with basic auth is only triggering auto type and selecting the right web site from those 4 choice.
This is really only a work around for keepass specific use case and I'm still trying to find a real solution to this.
This is no option for me, since i have more than 200 Entrys for the Window Title "Authentication required". We must find another way...
I think the better fix might be on the keepass side. I can't find anything with the new webExtension API
I've also run up against this. I have about 15 entries for such basic auth sites and it's starting to get obnoxious. The browser internal password manage knows how to keep them straight but it's not passing anything useful that I can see. I'm using the same hack as above for KeepassXC but having to pick between them is not ideal.
Same challenge here. titleUrl is presently not able to add the URL to HTTP Basic Auth pop up. With large amount of HTTP Basic Auth pop ups it's hard and slow to scroll through a long list to find the correct entry.
Steps to reproduce
Authentication Required - https://<URL.HERE>
Instead of Authentication Required
keepass-helper add-on is able to do add URL to HTTP Basic Auth pop up. Maybe some of its open source code could be recycled for add-url-to-window-title?
Any volunteer for a patch? I would be happy to contribute testing and or documentation.
Using:
Similar challenge at https://github.com/erichgoldman/add-url-to-window-title/issues/13
Workaround This is an additional temporary workaround. This MultiPass Disarmed for HTTP basic auth add-on is able to store HTTP Basic Authentication credentials.
Strength
Challenge It seems to presently have weak storage security. In plain text. I mean a not authorized person with access to your computer would be able to read anything stored using this add on. Such as HTTP Basic Authentication URLs, usernames, and passwords. Related ticket at https://github.com/excitoon/MultiPassDisarmed/issues/2
Suggestion Use this add-on only for appropriate sites. Which do not contain sensitive information. Or off-line.
keepass-helper use an older plugin API that isn't supported in recent firefox version. it isn't possible to reproduce what they where doing with the new plugin API.
I think our best hope is with this firefox feature request: https://bugzilla.mozilla.org/show_bug.cgi?id=613785
The title of the windows seen by keepass on websites with basic authentication, mostly companies with intranet services, isn't changed.