dlenski / gp-saml-gui

Interactively authenticate to GlobalProtect VPNs that require SAML
GNU General Public License v3.0

show web origin in window title #99

Closed mildsunrise closed 6 months ago

mildsunrise commented 7 months ago

this inserts the origin of the page in the browser's window, so that instead of

SAML Login

it shows

SAML Login (https://company.okta.com)

or whatever.

I know it's a small detail, but I think it's important to show it since it allows you to verify you're not typing your SSO credentials (for the whole organization) into a page that isn't the SSO portal (or isn't HTTPS). Everything shown inside the window is within the page's control, but the origin is not.

dlenski commented 6 months ago

I know it's a small detail, but I think it's important to show it since it allows you to verify you're not typing your SSO credentials (for the whole organization) into a page that isn't the SSO portal (or isn't HTTPS).

Won't the webview show an error if it redirects from HTTPS → insecure HTTP, though?

Related: https://github.com/react-native-webview/react-native-webview/issues/3086 and https://stackoverflow.com/questions/6909351/how-can-i-display-an-address-bar-with-a-webview

dlenski commented 6 months ago

this inserts the origin of the page in the browser's window

Seems fine, but do you think that displaying a grayed-out address bar widget would be clearer? Or perhaps putting a locked/unlocked icon in somewhere?

        urip = urlparse(uri)
        origin = '%s %s' % ('🔒' if urip.scheme == 'https' else '🔓', urip.netloc)
        self.window.set_title("SAML Login (%s)" % origin)

pboushy commented 6 months ago

those icons are identical. Would be better to have an icon that looks different from the lock. 🔴 ? or 🚫 ?

mildsunrise commented 6 months ago

Seems fine, but do you think that displaying a grayed-out address bar widget would be clearer?

it would be, but I don't have bandwidth right now for a change that much bulkier. I'd suggest putting it in the title for now, and later we can upgrade it to an address bar.

Or perhaps putting a locked/unlocked icon in somewhere?

Showing an emoji seems like a very good idea, since the "s" in the protocol is hard to miss. I'll implement that.

But I agree with @pboushy that those two emojis are nearly identical... I'll put 🔒 and 🔴
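
Added example, not part of the thread or of gp-saml-gui's code: one way to build the title text discussed above so that the page cannot influence what is displayed. It goes slightly beyond the snippet in the thread by showing the parsed hostname instead of `netloc`, since `netloc` includes any `user@` prefix and could make the title read like the real SSO host. The function names and the exact title format are assumptions; the 🔒/🔴 markers are the ones settled on in the thread.

```python
from urllib.parse import urlsplit

SECURE_MARK = "🔒"    # HTTPS
INSECURE_MARK = "🔴"  # anything else (marker chosen in the thread)
DEFAULT_PORTS = {"http": 80, "https": 443}


def display_origin(uri):
    """Return (is_https, origin); origin is None if the URI has no web origin."""
    parts = urlsplit(uri)
    scheme = parts.scheme.lower()
    host = parts.hostname  # lowercased, with userinfo and port stripped
    if scheme not in DEFAULT_PORTS or not host:
        return False, None
    try:
        port = parts.port  # raises ValueError on a malformed port
        if ":" in host:
            host = "[%s]" % host  # IPv6 literal
        else:
            # Show internationalized names in punycode so look-alike
            # characters cannot pass for the expected ASCII hostname.
            host = host.encode("idna").decode("ascii")
    except ValueError:  # UnicodeError is a subclass of ValueError
        return False, None
    origin = "%s://%s" % (scheme, host)
    if port is not None and port != DEFAULT_PORTS[scheme]:
        origin += ":%d" % port
    return scheme == "https", origin


def window_title(uri):
    """Title string for the login window (format is hypothetical)."""
    secure, origin = display_origin(uri)
    if origin is None:
        return "SAML Login (%s unknown origin)" % INSECURE_MARK
    mark = SECURE_MARK if secure else INSECURE_MARK
    return "SAML Login (%s %s)" % (mark, origin)


if __name__ == "__main__":
    # Constructed sample URIs, not taken from any real deployment.
    for sample in ("https://company.okta.com/app/sso",
                   "https://company.okta.com@evil.example/login",
                   "http://company.okta.com:8080/"):
        print(window_title(sample))
```
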