You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be nice to eliminate userinfo in the next 3 to 4 decades. As a starting point, let's introduce an auth URI, as described here.
To make it an actually concrete proposal tho, the described syntax is fine but the semantics need to be defined. An auth URI's first parameter should be method, if it's missing default to userinfo. The userinfo method takes parameters user and pass. So an auth URI like auth:?user=foo&pass=bar&&https://example.org (or the long form auth:?method=userinfo&user=foo&pass=bar&&https://example.org) replaces https://foo:[email protected]. A second method, vault, should also be available if a vault/password manager (like KeePassXC) is installed; it takes parameters user, an optional index (if multiple saved passwords exist for the same username-hostname combination), and an optional host (for using a different host's credentials). for example auth?method=vault&user=foo&&https://example.org or auth?method=vault&user=foo&host=example.org&&https://wiki.example.org.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
It would be nice to eliminate userinfo in the next 3 to 4 decades. As a starting point, let's introduce an auth URI, as described here.
To make it an actually concrete proposal tho, the described syntax is fine but the semantics need to be defined. An
auth
URI's first parameter should bemethod
, if it's missing default touserinfo
. Theuserinfo
method takes parametersuser
andpass
. So an auth URI likeauth:?user=foo&pass=bar&&https://example.org
(or the long formauth:?method=userinfo&user=foo&pass=bar&&https://example.org
) replaceshttps://foo:[email protected]
. A second method,vault
, should also be available if a vault/password manager (like KeePassXC) is installed; it takes parametersuser
, an optionalindex
(if multiple saved passwords exist for the same username-hostname combination), and an optionalhost
(for using a different host's credentials). for exampleauth?method=vault&user=foo&&https://example.org
orauth?method=vault&user=foo&host=example.org&&https://wiki.example.org
.Beta Was this translation helpful? Give feedback.
All reactions