Review Request: Using KWallet to store Cookies

José Millán Soto fid at gpul.org
Tue Oct 26 03:01:17 BST 2010



> On 2010-08-18 09:02:59, Dawit Alemayehu wrote:
> > In addition to my review below, I have one question for you... Is it really necessary to have the "StoreWhenWalletNotAvaliable" option ?

I'm really sorry for taking so long to answer you.
I thought I had already answered you, but I didn't realize I forgot to click the "Publish" button. :(
The main problem is that if the wallet is not available for whatever reason, the cookies might be stored in a plain text file without the user even realizing.
So this option is there to allow the user to choose which is the preferred option if that happens, either to store the information insecurely or not to store the information at all.


- José


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://svn.reviewboard.kde.org/r/4927/#review7077
-----------------------------------------------------------


On 2010-10-26 01:24:01, José Millán Soto wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://svn.reviewboard.kde.org/r/4927/
> -----------------------------------------------------------
> 
> (Updated 2010-10-26 01:24:01)
> 
> 
> Review request for kdelibs.
> 
> 
> Summary
> -------
> 
> Currently cookies are stored in a plain text file. This patch allows KCookieJar to store the cookies securely using KWallet.
> 
> The main problem I had writing this patch was that when a web page is requested, KIO ask for the cookies to kded using dbus. In the first implementations that I wrote, if the user took too long to open the wallet, KIO received a dbus timeout.
> 
> To prevent this, if it takes more than 10 seconds to open the wallet, the web page will be requested without sending the cookies (or sending the available cookies if there's still the plain text cookie file). If the wallet is opened after that, the cookies stored in the wallet will be available since then.
> 
> Because of this, the feature is disabled by default.
> 
> 
> Diffs
> -----
> 
>   /trunk/KDE/kdebase/apps/konqueror/settings/kio/kcookiespolicies.cpp 1189829 
>   /trunk/KDE/kdebase/apps/konqueror/settings/kio/kcookiespoliciesdlg.ui 1189829 
>   /trunk/KDE/kdelibs/kioslave/http/kcookiejar/kcookiejar.h 1189787 
>   /trunk/KDE/kdelibs/kioslave/http/kcookiejar/kcookiejar.cpp 1189787 
>   /trunk/KDE/kdelibs/kioslave/http/kcookiejar/kcookieserver.h 1189787 
>   /trunk/KDE/kdelibs/kioslave/http/kcookiejar/kcookieserver.cpp 1189787 
> 
> Diff: http://svn.reviewboard.kde.org/r/4927/diff
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> José
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20101026/a47ab36a/attachment.htm>


More information about the kde-core-devel mailing list