Re: mbox download username/password - Mailing list pgsql-www

From Dave Page
Subject Re: mbox download username/password
Date
Msg-id CA+OCxozZUeBCn-Pxp97kaO7dOC-Om1h1EYj-oDr4WFPAiwvZeg@mail.gmail.com
In response to Re: mbox download username/password  (Magnus Hagander <magnus@hagander.net>)
List pgsql-www
On Fri, May 20, 2016 at 3:28 PM, Magnus Hagander <magnus@hagander.net> wrote:
>
> On Fri, May 20, 2016 at 3:20 PM, Magnus Hagander <magnus@hagander.net>
> wrote:
>>
>> On Fri, May 20, 2016 at 10:30 AM, Dave Page <dpage@pgadmin.org> wrote:
>>>
>>> Further to discussion at PGCon this morning, webkit based browsers no
>>> longer display the realm text when displaying password prompts. This
>>> was used by our archives code to tell the user what username/password
>>> to enter when downloading mbox files (which are loosely protected
>>> against bot downloads as they contain email addresses).
>>>
>>> The attached patch adds a note to the appropriate template to convey
>>> the username/password info on the page. It's currently untested as I
>>> don't have a pgarchives test environment.
>>>
>>> Magnus - can you test/apply please?
>>
>>
>> It's not just for mbox files though, it's also for viewing the raw
>> messages. Don't we have the same problem there?

Urgh, yeah. I guess we could put the note after the "raw" link on each
message, but it'll be kinda ugly.

> FWIW, this seems to be treated as a bug in Chrome:
> https://bugs.chromium.org/p/chromium/issues/detail?id=544244 (comment 22 and
> forward, in particular the reference to the standard at #35)
>
> So perhaps we should give it some time and see if they change?

Yeah.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company


