Enancement: Saved tab state should include HTTP auth
Posted: 2021-12-03, 11:57
When something crashes Pale Moon, the next run offers to reload the state of all tabs. This is a nice feature, but has a limitation which I suggest to improve:
If any of those tabs accessed the page with HTTP(S) auth rather than cookie-based auth, the restored session does not include the auth data, and thus the user is prompted for entering credentials again.
The suggested enhancement is to include the HTTP auth data (appropriately encrypted) in the crash restore state, just like it may contain appropriately encrypted cookies, POST parameters etc.
This may be vaguely related to Bugzilla bug #789062, which is about that restore being done incorrectly in Fx 13.x
Analysis of the 7 thinks to think about (viewtopic.php?f=5&t=5647):
1. No this is not specific to a workflow, other than the general case of a browser crash when using the fundamental HTTP Auth browser feature.
2. This does not add any gadget or toy, it is merely to have an existing core feature work with another existing core feature.
3. This feature is culturally neutral as far as the two involved core feature are culturally neutral.
4. Websites using HTTP Auth may be rare these days, but do exist. That is the only aspect that might be considered "advanced usage"
5. I know of no extension or extension mechanism to add more state (especially state for core components such as HTTP) to the session restore file.
6. Yes, this improves overall quality as it removes a situation where users have to reenter their login after a browser crash.
7. This suggestion does not hinder access to any resource.
If any of those tabs accessed the page with HTTP(S) auth rather than cookie-based auth, the restored session does not include the auth data, and thus the user is prompted for entering credentials again.
The suggested enhancement is to include the HTTP auth data (appropriately encrypted) in the crash restore state, just like it may contain appropriately encrypted cookies, POST parameters etc.
This may be vaguely related to Bugzilla bug #789062, which is about that restore being done incorrectly in Fx 13.x
Analysis of the 7 thinks to think about (viewtopic.php?f=5&t=5647):
1. No this is not specific to a workflow, other than the general case of a browser crash when using the fundamental HTTP Auth browser feature.
2. This does not add any gadget or toy, it is merely to have an existing core feature work with another existing core feature.
3. This feature is culturally neutral as far as the two involved core feature are culturally neutral.
4. Websites using HTTP Auth may be rare these days, but do exist. That is the only aspect that might be considered "advanced usage"
5. I know of no extension or extension mechanism to add more state (especially state for core components such as HTTP) to the session restore file.
6. Yes, this improves overall quality as it removes a situation where users have to reenter their login after a browser crash.
7. This suggestion does not hinder access to any resource.