Can 1Password insert username/password into HTML arguments instead of a form?

I have a html page like this ......html?user=username&pass=password
I have the login defined in 1password. Is it possible for me to put the URL in 1password for this login like this:
... html?user=%USERNAME%&pass=%PASSWORD%

Then, when I click on the login, 1password will substitute the username and password defined in 1password and pass that to the browser.
Basically, instead of logging in via a form, the login credentials are passed on the URL/HTML line that is passed to the browser
The form of the token doesn't matter.. is used used %username% and %password% as examples.

Comments

  • Hi @BillSabatine,

    No, we don't have support for this at the moment. First, make sure the URL starts with https://, this isn't a secure way to submit your data at all. You are basically sending in your username and password in clear view and anybody in your network will see that data.

    However, if you really want to, you could edit the URL of your Login item to put in your username/password for now. That does mean as you update your data over time, you also have to update the URL.

    I'll add your vote to our tracker to consider support for the arguments.

  • BillSabatine
    BillSabatine
    Community Member

    Thanks MikeT... this construct is for our company intranet... it would never go outside the firewall.. I use it actually to launch applications with 1password, using javascript to launch the program and passing login info to the program started by javascript... pretty good deal to be able to launch apps from 1password, with 1password maintaining the login info.... So it might be a nice thing to add... should be easy for 1password to do. Yes, for now, I'll just harcode the userid/password in the HTML string... thanks again

  • Hi @BillSabatine,

    Without understanding exactly how this is working in your network, I can only advise to be careful with leaking the information like this through the browser if it goes to a different server. Even if it is restricted to the local network, it is not enough to prevent someone inside that network from re-routing it to the Internet.

    pretty good deal to be able to launch apps from 1password, with 1password maintaining the login info....

    1Password supports Auto-Type on Windows, you can associate the specific application windows with 1Password and pressing Control +\ will allow 1Password to fill it in. You can find out more here: https://guides.agilebits.com/1password-windows/4/en/topic/creating-an-application-login

This discussion has been closed.