[pve-devel] [PATCH] Hack for allowing browser to autofill the login form
Alexandre DERUMIER
aderumier at odiso.com
Fri Apr 6 17:05:39 CEST 2012
Yes, I know it's insecure, but isn't form autofill also insecure ?
With cookie, I can choose if I want use it or not use it.
With autofill, I can't choose ...
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: "Neliger" <contact at neliger.com>, pve-devel at pve.proxmox.com
Envoyé: Vendredi 6 Avril 2012 16:53:08
Objet: RE: [pve-devel] [PATCH] Hack for allowing browser to autofill the login form
>Why don't we simply add a persistant cookie like "remember me" checbox in form, for users who don't want >to retype their login/pass ?
Because a cookie is considered totally insecure. Or what do you want to store in the cookie?
--
--
Alexandre D erumier
Ingénieur Système
Fixe : 03 20 68 88 90
Fax : 03 20 68 90 81
45 Bvd du Général Leclerc 59100 Roubaix - France
12 rue Marivaux 75002 Paris - France
More information about the pve-devel
mailing list