buttercup-browser-extension
buttercup-browser-extension copied to clipboard
buttercup
Do not ignore subdomains when filtering credentials
In certain use cases (e.g., at our university) different services are offered under certain subdomains that require different credentials. E.g., we have different logins for service1.name.tld service2.name.tld ... I have only one pair of credentials for each service, but a vast number of services in total.
Thus, I would appreciate a setting that allows to specify that credentials for '*.name.tld' should be filtered by subdomains, to avoid having to scroll/search in the long list for the correct one. This could also be a global setting (i.e., honour subdomains for all credentials).
Do you think this is possible?
Hi Fully support this request. Filtering by subdomains would be great, this is really annoying to scroll down everytime to find the good entry. Ability to rename entries thru the browser extension would be great. Using Firefox latest.
NO REPLY NECESSARY
Hi @reuterbal,
Hope you're well
I presume you're already doing it but I employ this entry naming system to handle sub domains:
name.tld - service1 name.tld - service2
Hope this helps!
Regards
Pushing this issue as I recently realized that this issue is much more general. For domains from countries that do not issue 2nd level domains (e.g., UK), this results in no distinction whatsoever - e.g., ebay.co.uk, amazon.co.uk etc. are all selected on any .co.uk website.
Valid points, but we don't have a lot of real-estate to show the URL in those results. However I guess we must consider having it always visible for the reasons you've mentioned. We don't really have a domain as such as the user can freely enter URLs. We could strip the URL information to leave just the domain, but this also feels a bit amateurish. Any suggestions on UI layout?
Rather than creating new UI can this be solved with some configuration?
I have a ebay.com entry:
ebay.com
username: n/a
password: n/a
custom fields
url: http://ebay.com
http://ebay.com UX:
Great, what we expect
http://ebay.co.uk UX:
Hmm, not so great as I have to manually search "ebay" for result
If I update the entry to the following then can I get unified UX?:
ebay.com
username: n/a
password: n/a
custom fields
url: http://ebay.com
url - 2: http://ebay.co.uk
Essentially the user only sees results (e.g. entry suggestions) if the website domain is included in a custom field value.
And relating to the original issue request, yes, I think a global setting to include/exclude subdomains in these results would be sensible. Personally I would default to include but @reuterbal would exclude to solve his use case.
Regards
FYI
In UK the student loans website login is horrific
There are numerous ways to start and end the login process and it directs users all over the place. I've dropped some URLs in my entry so I can make sense of it but with my solution above no matter which of the URLs the login process throws me out at I'll always get the correct entry suggestion and should be able to make use of your auto login feature without manual intervention.
Regards
PS Ignore the #tags - some meta data thing I'm experimenting with
Thank you @perry-mitchell for considering this.
Just as @ldexterldesign pointed out, I am not so much looking for a better way to visually distinguish entries but for improvements to the existing filtering procedure. Thus, I don't think it is necessary to show the URL but rather to enhance the selection algorithm that chooses the entries that are offered on a website (i.e., be more restrictive).
What are the current criteria for that? Since for any DOMAIN.co.uk website all entries with .co.uk-URLs are offered, there must be some matching with respect to domain names?
Here's the current initial-results functionality:
https://github.com/buttercup/buttercup-browser-extension/blob/1b173fcfe1d874e0bf7d0dc1269a9c7d92bc90fe/source/background/library/archives.js#L314-L334
It is extremely naive, and does only domain matching in the most basic sense. It definitely needs an overall which should easily help accommodate some of the points here.
I was thinking of something like the following:
- Domain (and sub-portion of domain) matching to make it on the results list
- Results ordered in terms of a score:
- String distance?
- Usage count? (memory)
For a little while I tried the Passman Browser Addon (https://github.com/nextcloud/passman-webextension) in conjunction with the Nextcloud App. There, the URL filtering did a decent job in those cases I tested - maybe there are some useful ideas on filtering URLs in there? On the other hand, the code there looks a bit like a mess... so it might not be the best reference.
Your strategy sounds reasonable: if it is combined with a sensible ordering then being less restrictive on the results list is a good idea. I don't have any experience in that direction nor have done a lot of string matching, so I'm not sure what are good metrics for that score.
Thanks @reuterbal - Good idea. I've almost completed a URL diffing library which we'll most likely use, which supports scoring and distance calculations which should handle URL matching a bit better. It won't automatically exclude URLs if the domain isn't exact or they use a different protocol.