Http cookie configuration with mercurial
Gregory Szorc
gregory.szorc at gmail.com
Mon Mar 13 20:41:40 UTC 2017
On Sun, Mar 12, 2017 at 10:15 PM, SUDRIE, Benoit B <
benoit.b.sudrie at airbus.com> wrote:
> Thanks Gregory for this information!
>
>
>
> It will be nice to get this functionality in the next mercurial release.
>
>
>
> Today the format we use with git is also the Netscape/Mozilla cookie file
> format, so it is good for my need.
>
>
>
> Another improvement could be to manage the new cookie format with sqlite
> database for Firefox, or manage the access to Internet Explorer cookie data
> (I don’t take the time to understand the cookie format of IE, I don’t know
> if it is possible to access it).
>
I'm not sure about IE, but it is technically possible to read Firefox's
sqlite cookies database from Mercurial. Mozilla uses this so various
Mercurial extensions can find cookies for bugzilla.mozilla.org (although
that practice is going away in favor of API keys). Code for that lives at
https://hg.mozilla.org/hgcustom/version-control-tools/file/tip/pylib/mozhg/mozhg/auth.py
.
That being said, it is unlikely that Mercurial itself would ever support
reading browser cookies as a core feature. The reason is that as far as I
know browsers don't provide a stable interface for reading cookie
information and therefore the Mercurial feature would not be stable enough
to officially support as a core feature. This feature would likely be the
domain of a Mercurial extension, likely maintained by a third party. The
code I linked would be a good start on such an extension.
>
>
> I add the mercurial-devel mailing list if someone thinks this kind of
> improvement could be useful.
>
>
>
> Thanks again for your feedback.
>
>
>
> Regards,
>
> Benoit SUDRIE
>
>
>
> *From:* Gregory Szorc [mailto:gregory.szorc at gmail.com]
> *Sent:* Friday 10 March 2017 7:45 AM
> *To:* SUDRIE, Benoit B
> *Subject:* Re: Http cookie configuration with mercurial
>
>
>
> I agree cookie support is a necessary feature for authentication
> mechanisms like this.
>
> I've submitted a concept patch to core Mercurial:
> https://www.mercurial-scm.org/pipermail/mercurial-devel/
> 2017-March/094252.html
>
> I'll try to get this in Mercurial 4.2 for you.
>
> Out of curiosity, is there a specific cookie file format you need
> supported? The easy ones for us to implement are those supported by Python
> itself (https://docs.python.org/2/library/cookielib.html). We could also
> support defining a cookie value as a config option. But I'm guessing you
> want the flexibility of an actual cookie file?
>
> Anyway, it might be best if you reply to that post on the mercurial-devel
> list with your exact needs so other people see the discussion.
>
>
>
> On Thu, Mar 9, 2017 at 8:32 PM, SUDRIE, Benoit B <
> benoit.b.sudrie at airbus.com> wrote:
>
> Yes, OTP authentication.
>
>
>
> This functionality could be useful to access throw http to a secured
> server.
>
> Bad to know this feature is not available with mercurial.
>
>
>
> Thanks for your feedback.
>
>
>
> Regards,
>
> Benoit SUDRIE
>
>
>
> *From:* Gregory Szorc [mailto:gregory.szorc at gmail.com]
> *Sent:* Friday 10 March 2017 4:41 AM
> *To:* SUDRIE, Benoit B
> *Cc:* mercurial at mercurial-scm.org
> *Subject:* Re: Http cookie configuration with mercurial
>
>
>
> There is no such feature in Mercurial. It is certainly possible to
> implement as an extension or as a core feature.
>
> What is your use case? Authentication?
>
>
>
> On Sun, Mar 5, 2017 at 9:32 PM, SUDRIE, Benoit B <
> benoit.b.sudrie at airbus.com> wrote:
>
> Dear all,
>
>
>
> I am looking for some information on mercurial regards the possibility to
> set cookies information when we try an http connection to a repository.
>
>
>
> This functionality is available with GIT (https://git-scm.com/docs/git-
> config#git-config-httpcookieFile) and I would like to know if there is
> any possibility to perform this kind of configuration with Mercurial?
>
>
>
> If not, do you have the information why and if this improvement is
> planned? (I will maybe have to ask to the devel mailing list then)
>
>
>
> Regards,
>
> Benoit SUDRIE
>
>
>
> The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
>
> If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
>
> Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
>
> All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
>
>
>
>
>
>
>
>
> _______________________________________________
> Mercurial mailing list
> Mercurial at mercurial-scm.org
> https://www.mercurial-scm.org/mailman/listinfo/mercurial
>
>
>
>
>
> The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
>
> If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
>
> Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
>
> All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
>
>
>
>
>
>
>
>
>
>
> The information in this e-mail is confidential. The contents may not be disclosed or used by anyone other than the addressee. Access to this e-mail by anyone else is unauthorised.
> If you are not the intended recipient, please notify Airbus immediately and delete this e-mail.
> Airbus cannot accept any responsibility for the accuracy or completeness of this e-mail as it has been sent over public networks. If you have any concerns over the content of this message or its Accuracy or Integrity, please contact Airbus immediately.
> All outgoing e-mails from Airbus are checked using regularly updated virus scanning software but you should take whatever measures you deem to be appropriate to ensure that this message and any attachments are virus free.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mercurial-scm.org/pipermail/mercurial-devel/attachments/20170313/5012c924/attachment.html>
More information about the Mercurial-devel
mailing list