Wildcard hostname matching

mreynolds0404
mreynolds0404
Community Member
edited April 2015 in 1Password in the Browser

My company has hundreds of client websites that all follow the same hostname pattern and use the same credentials. The URL pattern is something like: https://foo.<client_id>.bar/home.html. Is there anyway to have a single 1password entry work for all these sites without having to enter 100's of URLs into "website", "website2", etc.?

«13

Comments

  • Megan
    Megan
    1Password Alumni
    edited November 2014

    Hi @mreynolds0404‌

    Thanks so much for the suggestion! At this time, what you are proposing is not possible, but I'm happy to pass your thoughts along to our developers.

    ref: OPM-2561

  • mreynolds0404
    mreynolds0404
    Community Member

    Please do.

  • simon48
    simon48
    Community Member

    I would love this feature as well. The ability to do something like *.dev would be great for web developing.

  • Thanks for the feedback, @simon48! :)

  • redcoat
    redcoat
    Community Member

    When will this be available again? Apparently it was possible in an older version, and it is extremely inconvenient to us in the way we do development.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hi @redcoat,

    Unfortunately there hasn't been any progress on this particular request at this point in time so I have no progress to report. We've been keeping the devs busy with trying to fix a number of bugs so they've been quite focussed in other areas. I've added your query to the feature request to ensure it is seen as still desired. I can't say if it was in an older version or not as I've never had a suitable domain where I personally would have used such a feature.

    Sorry it wasn't better news that I could report back with.

  • redcoat
    redcoat
    Community Member

    It was in v3. If you're using AWS instances, you could setup a login for *.compute.amazonaws.com for example.

  • Drew_AG
    Drew_AG
    1Password Alumni

    Thanks for the feedback @redcoat! Again, I'm sorry it doesn't work that way in the current version, but we've added your comments to the ticket for this issue.

    If you need anything else, please do let us know!

  • redcoat
    redcoat
    Community Member
    edited March 2015

    It's really a big deal. What are the implications of my downgrading back to version 3?

  • sjk
    sjk
    1Password Alumni

    Hi @redcoat,

    I'm just catching up with this discussion and not sure I fully understand your issue so please let me know if I'm missing anything. :)

    Let's use your example:

    If you're using AWS instances, you could setup a login for *.compute.amazonaws.com for example.

    When you create a Login item with https://compute.amazonaws.com or simply https://amazonaws.com as the website field value, are you able to use that as a wildcard item for filling on any of your *.compute.amazonaws.com sites after opening the page in your browser? Or is it some other type of wildcarding you're trying to do?

    Thanks for your patience while we get this sorted out!

  • mreynolds0404
    mreynolds0404
    Community Member
    edited April 2015

    Just to add some clarity to the original ask, here is my usecase. I use my company domain credentials to log into the management portion of our client sites. The host name for these client sites follow a certain pattern: https://managment.<client_id_code>.mycompany.com/manage. We have hundred of clients and new ones being added all the time, so I do not have a static list of values that would replace <client_id_code>. Ideally, i want the ability to add a website entry to a 1password Login item that looks like this: https://management.*.mycompany.com which would match any of my client sites without manually managing hundreds of individual website entries.

    If you guys want to get super crazy...if I could associate a Login item with a Certificate Authority that has signed a server's certificate, I could do away with URL matching altogether and just have a domain Login item that would work for all our servers (as they all have certs signed by the company's CA).

  • @mreynolds0404 : thanks for elaborating on your use case. I love it when users explain why they'd like a particular feature. :)

  • mreynolds0404
    mreynolds0404
    Community Member

    Hmm, it looks like the forum software is scrubbing some of my post. In the URL pattern, there should be something like CLIENTID in between "management" and "mycompany". Also, CLIENTID should have been after the "replace".

  • sjk
    sjk
    1Password Alumni

    Hi @mreynolds0404,

    I've edit your post so <client_id_code> appears as you intended instead of being parsed as HTML, by adding a backslash before the closing > character. Sorry for that trouble; thanks for mentioning it. I often use the PREVIEW button to see how comments will look (more or less) before posting them. :)

    Ideally, i want the ability to add a website entry to a 1password Login item that looks like this: https://management.*.mycompany.com which would match any of my client sites without manually managing hundreds of individual website entries.

    Uniquely titled Login items with https://mycompany.com as the website field value might be able to serve this purpose for you. 1Password should match those item on any https://managment.<client_id_code>.mycompany.com/manage page opened in your browser. As needed, you could create items with more specific https://<client_id_code>.mycompany.com website values to use on those sites.

    The Lenient URL matching option, under Browser Preferences, is sometimes a factor in item matching/displaying:

    Lenient URL matching determines how picky the browser extensions are about matching your saved Logins to the current URL. When enabled, 1Password will only look at the main domain (google.com) not the subdomain (mail.google.com, accounts.google.com). Any Logins marked as Favorites will appear at the top, followed by the rest of the matching Logins, listed alphabetically.

    I hope that's helpful!

  • redcoat
    redcoat
    Community Member
    edited April 2015

    @sjk: I did what you suggested, and added a login with https://compute.amazonaws.com as the website address.

    However, when I go to one of our dev instances at https://blahblah.compute.amazonaws.com I can't get 1Password to fill in the username or the password (they are actually separate screens). If I right click and chose the above Login, it opens a new tab.

    If I save the login when prompted after I enter the password, I can return the page and when I do Ctrl+\, I can chose the first login and it enters the username, click submit, do Ctrl+\ again and it enters the password.

    I need it to work like this for any https://*.compute.amazonaws.com

  • njs50
    njs50
    Community Member

    I have the same issue. I "upgraded" from version 3, and now this doesn't work anymore. It's incredibly annoying having to manually copy and paste the username and password each time. Admittedly this is why I skipped version 4, bleh, guess it's time to go back to v3.

  • njs50
    njs50
    Community Member

    it is kind of odd that my entry for www.amazon.com works on smile.amazon.com but the entry for x.us-west-2.compute.amazonaws.com doesn't work on y.us-west-2.compute.amazonaws.com

  • sjk
    sjk
    1Password Alumni

    Hi @redcoat and @njs50,

    I've identified the problem where 1Password isn't matching Login items with https://compute.amazonaws.com in their website field on subdomains sites of it (e.g. https://blahblah.compute.amazonaws.com). It's similar for your x.us-west-2.compute.amazonaws.com item not matching/filling on y.us-west-2.compute.amazonaws.com, @njs50.

    Thanks for the additional details that helped find this bug so our developers can get it squashed.

    ref: OPX-47

  • redcoat
    redcoat
    Community Member

    Great! Any idea how long a fix might take? And will you notify us here when it's ready?

  • AGAlumB
    AGAlumB
    1Password Alumni

    @redcoat: We can't say when, but identifying the problem (thanks to everyone in this thread!) is a good first step so that the developers can take a look and see what needs to be done to get this resolved. It's a start. Keep an eye out for updates! :)

  • Cory Schires
    Cory Schires
    Community Member

    I'm having a similar issue. I would like to add the a wildcard URL which looks like:

    https://scholastica-pr-*.herokuapp.com
    

    Our build process automatically creates these apps for QA testing, so the * is dynamic.

    1. Will this syntax be supported with the upcoming bug fix?
    2. Approximately when will the fix be released?

    Thanks,
    Cory

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @Cory Schires,

    Unless I'm misunderstanding what you mean, when things are working correctly, you shouldn't need to use a * at all. There is a setting in 1Password called Lenient URL matching which determines how picky the browser extensions are about matching your saved Logins to the current URL. When that setting is enabled, 1Password will only look at the main domain of the current site (i.e. google.com) and not the subdomain (i.e. mail.google.com, accounts.google.com). Any Login items containing a URL with the same, main domain will be shown in the browser extension.

    On the other hand, when Lenient URL matching is disabled, the 1Password extension will only show Login items that match the domain and subdomain.

    You can find more information about that setting here: Lenient URL matching

    Now, there is a bug that our developers are currently looking into which might cause Lenient URL matching to not work as expected. So if it doesn't seem to be working as I described above, that is probably due to the bug, and I apologize for the inconvenience! I don't have a timeframe for when that will be fixed, unfortunately.

    If I misunderstood your question, or if you have others, please let us know. Thanks!

    ref: OPX-47

  • mmmpie
    mmmpie
    Community Member

    Any word on when the lenient url bug will be fixed? I just tested it in 5.3.1 and it still exists.

    In a similar vein is there a way to select an entry from the browser extension and have it fill the current page, rather than going to the page on record for the login? I tried holding option, shift, command etc while selecting the login I wanted to use, but none of them seemed to affect it (option did reveal the password).

  • Drew_AG
    Drew_AG
    1Password Alumni
    edited May 2015

    Hi @mmmpie,

    Any word on when the lenient url bug will be fixed? I just tested it in 5.3.1 and it still exists.

    Can you elaborate on the problem you're experiencing with lenient URL matching? I'm not sure if it's the same as the one I referred to in my last post here.

    In a similar vein is there a way to select an entry from the browser extension and have it fill the current page, rather than going to the page on record for the login? I tried holding option, shift, command etc while selecting the login I wanted to use, but none of them seemed to affect it (option did reveal the password).

    Do you mean you open a website with a login form, select your Login item for that site from the 1Password extension, and it opens a new page for that site instead of filling the one that's already open? Or do you mean you open one site, but want to fill it with the username & password from a Login item for a completely different site?

    If the site is already open but choosing a matching Login item opens a new page (or tab) for that site, does the URL of the first page match the URL in the Login item exactly? Or is it a different subdomain?

    The more details you can give us, the better. Thanks!

    ref: OPM-1090

  • mmmpie
    mmmpie
    Community Member

    I have a login for 'somedomain.com'.
    I have turned on lenient url matching in the preferences.
    When I visit 'sub.somedomain.com' my login is not available to choose from in the browser extension.

    I have tried permutations for the login's website value:
    'somedomain.com'
    '.somedomain.com'
    'http://somedomain.com'
    'https://somedomain.com'

    As I understood it the lenient domain matching would allow subdomains to match the root domain on the login.

    In lieu of having the domain match and make the login available to fill I would like to be able to force a login to fill in the current page. At the moment when I click on the 1password extension, navigate to a login in the menu and click the browser is taken to the website of the login. If I hold down ctrl could the browser extension attempt to fill in the form on the page I am currently on? This is useful because I have a single login across many development instances of my site, where all of the login page's form fields match the login record.

  • AGAlumB
    AGAlumB
    1Password Alumni

    As I understood it the lenient domain matching would allow subdomains to match the root domain on the login.

    @mmmpie: This is what I'm seeing. If you're having different results at a particular site, it may be helpful if you share the URLs in question so we can test this.

    For instance, I use my schwab.com login at www.schwab.com, wireless.schwab.com, and client.schwab.com. I just spent a bit experimenting with changing the saved URL and I'm still able to use it at each URL.

    If I hold down ctrl could the browser extension attempt to fill in the form on the page I am currently on?

    By design, 1Password will not fill a login into a page from a domain other than those you have saved in the item. If you need to use the same login on multiple websites, you can add them as multiple URLs in the login item. That said, we can certainly consider making it an option to ignore this and fill the current page, but we'd have to be very careful with this.

    Please let me know what you find. I look forward to hearing back from you!

  • mmmpie
    mmmpie
    Community Member

    Dev instances are being launched on aws, so the urls look like
    https://ec2-11-111-111-11.us-west-2.compute.amazonaws.com

    I tried using amazonaws.com as the login website in case it only worked for the root domain, but that didnt work.

  • Drew_AG
    Drew_AG
    1Password Alumni

    Thanks @mmmpie! Yes, that is definitely part of the bug described in this post. I'm afraid I don't have a timeframe for when that will be resolved. I'm sorry for the inconvenience! I'll add your comments to the bug report to let our developers know.

    I wish I had a better answer for you about that! If you have more questions or need anything else, please let us know.

    ref: OPX-47

  • njs50
    njs50
    Community Member

    has any progress been made on this? i'd love to be able to upgrade from version 3 one day

  • Jasper
    edited July 2015

    No progress to report, unfortunately. It's still an open issue in our tracker, but I don't have any timeframe for when it will be resolved. Sorry I don't have a better answer for you right now.

This discussion has been closed.