189961 2018-09-25 11:31:31 -0700 [WPE][GTK] Fix HTTP credentials in sandbox 2018-10-15 08:11:00 -0700 1 1 1 Unclassified WebKit WebKitGTK WebKit Nightly Build Unspecified Unspecified RESOLVED INVALID P2 Normal --- 189956 1 pgriffis webkit-unassigned bugs-noreply mcatanzaro oldest_to_newest 1463231 0 pgriffis 2018-09-25 11:31:31 -0700 Currently the WebProcess talks to libsecret for HTTP credentials. This is unacceptable and needs to be proxied through the UI layer which can limit password access by origin. See also how this was handled in Epiphany: https://gitlab.gnome.org/GNOME/epiphany/commit/68b0f85747a177047a7b49d839895aad54b05309 1464382 1 mcatanzaro 2018-09-28 08:32:00 -0700 As part of this I want to rework how credentials are saved. Give the application a signal so it can save credentials in its own way. E.g. Epiphany should be able to put WebKitGTK+ passwords with all the user's Epiphany passwords. It doesn't make sense that just the few HTTP auth passwords are separated. 1469218 2 pgriffis 2018-10-15 08:11:00 -0700 We've decided to trust the NetworkProcess for now and not sandbox it so this no longer applies.