Review Request: Make the http kioslave use credentials provided in the url

David Faure faure at kde.org
Thu Aug 20 15:03:27 BST 2009 


> On 2009-07-20 22:16:56, maelcum wrote:
> > Patch looks good.
> > Caching of credentials is already implemented and should work unchanged. I wonder whether it would be a good idea *not* to store credentials supplied by request URL, though...
> > Small critcism: QLatin1String("") makes no sense. Just use QString() - it is a very fast constructor that only references a pre-initialized empty QString object. Converting a QLatin1String, however trivial, is more tedious for both the programmer and the computer.
> > Since trunk is far away from any release feel free to commit after the QString() improvement.

I think storing credentials supplied by the request URL -should- be done. If you type your password in the url for any reason (faster login e.g. from a bookmark, working around a problem with the dialog, ...), you certainly don't want to be prompted again for the password for every image or frame in the page, or for any link you follow. Certainly the authentication should be cached in kpasswdserver at least (not talking about kwallet here, of course).


- David


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.kde.org/r/937/#review1693
-----------------------------------------------------------


On 2009-07-20 22:14:18, Michael Leupold wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.kde.org/r/937/
> -----------------------------------------------------------
> 
> (Updated 2009-07-20 22:14:18)
> 
> 
> Review request for kdelibs and maelcum.
> 
> 
> Summary
> -------
> 
> Currently it's not possible to supply http credentials using the request URL (like http://lemma:mypassword@somewhere.com). I couldn't find any other possibility to "infuse" the credentials without user interaction (which is nice to have in some cases, eg. when doing rpc-over-http).
> 
> This patch is currently more a proof of concept. I'm not sure:
> - if the credentials should be cached in KPasswdServer if authentication succeeds
> - if this is the right way at all. Insights very welcome.
> 
> 
> Diffs
> -----
> 
>   /trunk/KDE/kdelibs/kioslave/http/http.cpp 1000119 
> 
> Diff: http://reviewboard.kde.org/r/937/diff
> 
> 
> Testing
> -------
> 
> Manual tests using kioclient and konqueror indicate it works as (I) expected.
> 
> 
> Thanks,
> 
> Michael
> 
>

More information about the kde-core-devel mailing list