Further improvements to URL matching could logging in to sites with subdomains even easier
Hi,
This is a great feature in 1Password4, but by "subdomains" is meant information after the forward slash? I ask, because it would be wonderful if 1Password could (for example) distinguish the subdomain bugreport.apple.com from store.apple.com, or www.lib.utexas.edu from uteid.utexas.edu. In this way, I would have a better chance of getting the login/password combination that I need when invoking 1Password, instead of having to choose from a list of several possibilities.
Or am I missing something?
Comments
-
Hi @odysseus,
Thanks for asking about this. Which version of 1Password are you running?
by "subdomains" is meant information after the forward slash?
From the Syntax section of Wikipedia's Uniform resource locator (URL) page:
The syntax is:
scheme://domain:port/path?query_string#fragment_id(bold emphasis added)
It's that domain part of the URL, which includes subdomains, we mean. :)
1Password 4.2 changes the way sorting works in 1Password mini, to start by filtering it based on the precise URL matching. In other words, instead of showing all items on all subdomains, we just filter it to show you items that match the subdomain first. Enabling the new Lenient URL matching option under Preferences > Browser will switch back to the old behaviour from previous versions, where subdomains were ignored:
If you're running 4.1.2 from the Mac App Store, that change will be in the next update coming soon. All updates for 1Password 4 purchased from the Mac App Store (MAS) will only come directly from Apple.
it would be wonderful if 1Password could (for example) distinguish the subdomain bugreport.apple.com from store.apple.com, or www.lib.utexas.edu from uteid.utexas.edu.
Distinguishing subdomains like those is what the change in 4.2 is intended to help with and I hope it does for you. :)
0 -
I'm running 4.2.2 (can't stand the MAS delays). I guess my initial posting led you to believe that I hadn't tried this feature in 4.2, but I guess it's harder to implement than one would think. For example, I can try to log into bugreport.apple.com (and have a 1P login/password combination with this URL), but when one enters that URL, Safari changes it to https://idmsa.apple.com, and then the matching can't work very well, can it?
And if there isn't a match with a subdomain, 1Password defaults to the old lenient behavior by showing matches with the domain?
0 -
Hi @odysseus,
Now I see how you implied already at least being aware of the 4.2 change. :)
Have you tried adding https://idmsa.apple.com as an additional website field URL to the Login item you've got for bugreport.apple.com? Or maybe I'm misunderstanding the issue?
And if there isn't a match with a subdomain, 1Password defaults to the old lenient behavior by showing matches with the domain?
Correct, plus always behaving that way when the Lenient URL matching option is enabled.
0 -
Have you tried adding https://idmsa.apple.com as an additional website field URL to the Login item you've got for bugreport.apple.com?
I just tried this, and although I expected it to work, it does not. Any idea why? 1P's first listed suggestion is my AppleID, which has no mention of Apple anywhere except in the name (the associated URL is www.icloud.com). How does 1P even propose it? Is it because this AppleID is a favorite?
0 -
Hi @odysseus,
With Lenient URL matching disabled, I think specific (sub)domain matches should be overriding Favorite items in 1Password mini sorting. That's how it works with an example I posted: here. But I see what you mean with www.icloud.com marked as a Favorite causing it to be above other items that use specific apple.com subdomains that should match, like bugreport.apple.com and developer.apple.com.
I'm adding more details about this issue in our tracker. Thanks for reporting it!
0 -
Thanks. But shouldn't there have been an exact match with https://idmsa.apple.com? Furthermore, how is there any identification of my AppleID with apple.com given that it is associated with www.icloud.com? Is there some sort of hard-coding within 1P for this?
0 -
Hi @odysseus,
But shouldn't there have been an exact match with https://idmsa.apple.com?
That's what I'd expect with Lenient URL matching disabled if you have a Login item with that URL in its website field(s) to match.
It's part of what I included in notes I added about the issue in our tracker. :)
Furthermore, how is there any identification of my AppleID with apple.com given that it is associated with www.icloud.com? Is there some sort of hard-coding within 1P for this?
The Contents/Resources/public_suffix.json file in the 1Password application bundle contains:
{"match":".*\\.(apple|icloud|me).com$","result":"apple.com"}It looks like that equivalence is partly responsible for the issue with the www.icloud.com Favorite overriding a more specific subdomain match. I created a Login item with a foo.me.com website field, marked it Favorite, and it shows up with my Favorite-marked www.icloud.com item, both above a specific non-Favorite item for idmsa.apple.com that should be the preferred match on a browser page with that subdomain.
ref: OPM-1400, OPM-2084
0
