Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create an option for « Don’t use this entry for HTTP Basic Auth » #6173

Closed
eromawyn opened this issue Feb 23, 2021 · 3 comments
Closed

Create an option for « Don’t use this entry for HTTP Basic Auth » #6173

eromawyn opened this issue Feb 23, 2021 · 3 comments
Labels
duplicate
Milestone
v2.6.5

Comments

@eromawyn
Copy link

I use wordpress to keep some kind of a diary. Accessing this wordpress is protected by HTTP AUTH. Not very private things, but not the kind which should be public. Then to update the diary, I have a wordpress login/pass couple.

I also use KeepassXC to store these passwords, and I have installed KeepassXC-Browser. The Wordpress password is marked with « Use this entry only with HTTP Basic Auth ».

So what happens when I go to this page ? 

  • I get the strange behaviour of nothing happening because, well, HTTP AUTH has multiple credentials in KeepassXC, as long as I don’t click on KeepassXC-Browser icon (known issue), since it gets both HTTP Auth and Wordpress password.
  • But if I want to login to wordpress, KeepassXC-Browser receives the correct answer, since the other one is checked as « Use this entry only with HTTP Basic Auth ». So I don’t need to choose the correct one.

What should happen ?

  • KeepassXC-Browser should query KeepassXC, and see only one credential valid in HTTP Auth context, and automatically use this one.
  • When I want to login to wordpress, it’s already working fine :)

Solution

There is currently only an option for marking entries with « Use this entry only with HTTP Basic Auth ». There should also be an option for « Don’t use this entry for HTTP Basic Auth », or a selector which allows choosing « HTTP Auth / Web Form » context, or some other way to do that choice.
@droidmonkey
Copy link
Member

I thought this was done already? Which version are you running?

@eromawyn
Copy link
Author

eromawyn commented Feb 23, 2021
edited
Loading

I use KeepassXC 2.6.4 (installed with chocolatey) and KeepassXC-Browser 1.7.6 on Brave Browser.

I have seen old issues opened with people seemingly expecting the same behaviour, but the fix applied (creating the « Use this entry only with HTTP Basic Auth » which I refer to) only solves half the problem, as I still need to choose the correct entry for the HTTP Auth, which is the most buggersome part.

@droidmonkey
Copy link
Member

#5394, we can likely backport this to 2.6.5

@droidmonkey droidmonkey added this to the v2.6.5 milestone Feb 23, 2021
droidmonkey added a commit that referenced this issue May 30, 2021
@droidmonkey
Add feature to ignore entries for HTTP-Auth Logins
6ebd341 
* Backport to fix #6173
louib pushed a commit that referenced this issue Sep 25, 2021
@droidmonkey @louib
Add feature to ignore entries for HTTP-Auth Logins
b29b50f 
* Backport to fix #6173
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate
Projects
None yet
Milestone
v2.6.5
Development

No branches or pull requests
2 participants
@droidmonkey @eromawyn