URL Matching: Subdomains, Paths, and Parameters

Hi,

after a lot of frustration regarding url-matching (and other probs) with the older 1P Version for 10.5, i've switched to 10.6 just to find out:
Dooh, basically no changes.. still no subdomain matching, no path mathing, parameters still counted (ruining matches), and no remedy to be found as far as i could search this forum.

So please: Is there any way (betas, whatever) to enable subdomain matching?

The more i use 1P, the more i pile up logins, the more 1P becomes unusable from a professional webdevelopers point of view..

regards,
Jan

ps.: where's the matching (what file) taking place currently? For the moment I wouldn't mind to hack it in some ways if i can.. i just need a somehow usable funtionality..

--
1P Version: 3.8.19, Extension 3.9.4b1 (@FF12), OSX 10.6.8

Comments

  • khad
    khad
    1Password Alumni
    Jan,

    I'm sorry that you are having some trouble. URL parameters don't cause any trouble for 1Password, and subdomains are part of the Login matching. For example, pressing the Command-\ keyboard shortcut will work to fill a Login at `foo.example.com` when on that subdomain and `bar.example.com` when on that one. If you're having trouble with a specific URL, I would be happy to get it resolved. Please let me know the URL(s), the steps you are taking, and what you are [not] seeing happen? With some additional information from you I can then provide you with specific assistance.

    Thanks!
  • bwadm
    bwadm
    Community Member
    edited June 2012
    See here:
    http://forum.agilebi...__fromsearch__1

    The point is a real weakness!
    When you search, you find quite some users complaining, but it seems that except nice words there is no consideration.
  • khad
    khad
    1Password Alumni
    Thanks for linking to that earlier thread, bwadm. You are correct, there are three others users who have edge cases which we would like to account for, but I don't have anything else I can say that I haven't already said in that thread. I'm sorry I don't have a better answer for you at this time.

    We are working hard on the next major version of 1Password, and this is something we may be able to look at more closely after it is released. I want to be up front and honest and say that it probably will not be possible to devote resources to this before then, though.

    ----

    Jan, I would still love to help sort things out for you. Your use case may be different than bwadm's, so if you can provide some more details I would love to see what we can work out for you. :)
  • khad wrote:
    .. there are three others users who have edge cases which we would like to account for, but I don't have anything else I can say that I haven't already said in that thread.


    Hm.. well i don't really know what's being edgy about correctly matching subdomains and pathes.. basically this is what an app like 1P is all about: gimme the right credentials for the URL i'm at. Right now i have this behaviour:

    * 1P doesn't obey the subdomains.. throws any credential at me which matches the domain.
    * 1P doesn't obey the path.. again: throws any credential at me which matches the domain.

    In my everyday life as webdev this means: permanently sieving the lists of credentials 1P gives me.. which - depending on domain - may sum up to 20 matches if unlucky, while actually only one should match. To add insult to injury: the lists aren't even sorted by plausibility or something usefull: no.. sorted by the bookmark title.
    (Before you ask: no, i don't invoke the list view accidentally.. )

    Please don't mistake forum posts with the RL outside.. it is not. Nearly all of my collegues use 1P, and the generall consensus is: the more candy it gets, the less usefull it becomes as a serious tool for what it was initially designed. They all more or less have the same problems as i do.. but they just don't take the time to come here.

    regards,
    jan

    --
    1P Version: 3.8.19, Extension 3.9.4b1 (@FF12), OSX 10.6.8
  • khad
    khad
    1Password Alumni
    edited June 2012
    * 1P doesn't obey the subdomains.. throws any credential at me which matches the domain.

    As I said above, this should not be the case and is not in our testing. Please provide the URLs so we can take a look.

    * 1P doesn't obey the path.. again: throws any credential at me which matches the domain.

    This is correct. Only subdomains (and thus domains) are matched at this time.


    Please don't mistake forum posts with the RL outside.. it is not. Nearly all of my collegues use 1P, and the generall consensus is: the more candy it gets, the less usefull it becomes as a serious tool for what it was initially designed. They all more or less have the same problems as i do.. but they just don't take the time to come here.

    Absolutely understood which is why I'd love to get the URLs from you that I requested a week ago so we can take a look and see why you are having this problem. If something needs to be fixed, we would love to be able to reproduce the problem you are having so we can fix it.
  • khad wrote:

    As I said above, this should not be the case and is not in our testing. Please provide the URLs so we can take a look.

    It's not specific.. it's all URLs which share a domain. examples:
    http://dl.dropbox.com/u/10220684/screenshots/0b27fd387b9865239f1cb438e33d7b96.PNG
    http://dl.dropbox.com/u/10220684/screenshots/c69240f702b691d4150f8caf6b129483.PNG
    http://dl.dropbox.com/u/10220684/screenshots/67cefbb6ccc7abe96cc957d2c96b3b43.PNG

    khad wrote:

    This is correct. Only subdomains (and thus domains) are matched at this time.

    Which is a straight fail imho..


    khad wrote:
    .. that I requested a week ago ..

    Sry, but i have to check this thread manually.. your forum soft won't let me change my burnt/defunct old email address: asks my for my old password.. well: which one may i ask.. i'm logged in via twitter..

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    Thanks for those images with some URLs! Can you confirm for me that the URL saved in the Login is precisely the same as the login page you want it to match? if you are using the Command-\ keyboard shortcut, pressing it should log you right in. For example, we have a few different subdomains here at AgileBits, so we are no stranger to this type of use case. I have Logins saved for:

    http://forum.agilebits.com/index.php?app=core&module=global&section=login
    


    and

    http://support.agilebits.com/login?to=%2F
    


    If I click the 1Password button in my browser's toolbar or use the Option-Command-\ shortcut to open the extension popup, I do get a list of all my Logins for the agilebits.com domain. However, if I use the Command-\ shortcut to "Fill and Submit" a Login, the correct one is filled at each subdomain without any prompt.

    Similarly, I created three different Login items to test with the URLs you provided in the images, just to make sure there was not some kind of parsing bug that was only affecting Login filling at your domain and nowhere else. I created Login items for:

    http://stats.rexdev.de
    


    http://svn.rexdev.de/redmine/login
    


    and

    http://rexdev.de/redaxo/index.php
    


    For each one, pressing Command-\ fills the correct Login item for the subdomain I am viewing.

    Please let me know if you are still having trouble. I am not able to reproduce any issue at rexdev.de. It behaves as expected with subdomain matching just like on every other domain.

    Do you have an example of a URL where path matching would help? The three you provided are only differentiated by subdomain and work as expected — no prompt to select one when using the Command-\ shortcut. I'd love to learn more about your specific situation so we can improve 1Password.

    As for the email address, if you are unable to change it yourself, you can certainly shoot me a PM with the address you want to use. I can change it in the admin control panel. I'd be happy to do that for you.

    Please let me know.

    Cheers,
  • khad wrote:
    Can you confirm for me that the URL saved in the Login is precisely the same as the login page you want it to match?

    Yes, definitely.. one example from those screenshots:

    * the login url is http://svn.rexdev.de/redmine/login
    * i have 5 logins for svn.rexdev.de, 2 have the exact URL http://svn.rexdev.de/redmine/login
    * i should be getting 2 matches, or at least - path matching aside - 5.. but i'm getting the whole "anything that matches rexdev.de" shebang: 15 matches.. and the 2 i'm looking for are at position 11 & 13..

    just for the fun of it: deleted one of the 2 exact matches..: no change.. full list.


    khad wrote:
    I created Login items for:
    http://stats.rexdev.de
    

    http://svn.rexdev.de/redmine/login
    

    and
    http://rexdev.de/redaxo/index.php
    

    For each one, pressing Command-\ fills the correct Login item for the subdomain I am viewing.


    Well, what can i say.. are we talking about the same app? Is it the 800+ items i have that make 1P pass out..? Whatever it is.. the experience is poor.

    khad wrote:

    Do you have an example of a URL where path matching would help? ... I'd love to learn more about your specific situation so we can improve 1Password.

    Well think of any form at any given path one might want to save.. i do a lot of forms related stuff, and would want to save defaults for testing so i dont have to qwe,tab,qwe,tab,qwe.. all the time. But i totally stopped using 1P for those.. the matching havoc would exponentially get worse than it allready is. For the time being i use the FF addon Lazarus..

    khad wrote:

    As for the email address, ..

    Make it a agile at my main domain.. thx.

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    I updated your email address, so you should now receive email notifications if you have them enabled and are following this topic.

    For form filling of a more "generic" nature, you might consider using an Identity item. That is, if Lazarus is not fully meeting your needs. Identity filling is only intended for the sort of name and address information used when registering for a new service, though. It sounds like it may not be flexible enough for your needs. Just thought I would mention it in case it helps.

    If you have exactly one Login for a given subdomain, Command-\ will fill it without prompting you. If you have more than one Login item for a subdomain (as you mentioned that you do), you will be prompted to select one since the extension cannot (yet?) read your mind to know which of the available Logins you wish to fill. :)

    It seems that the issue for you is that you want fewer options in the list that the extension offers you when it needs your input in those cases. You would like to be presented with only a list of the Logins for a an exact URL match (or at least subdomain match). Am I understanding correctly?

    The problem we run into is that previous URL matching schemes were not "permissive" enough for the vast majority of our users. For example, if someone saved a Login at [font=courier new,courier,monospace]login.example.com[/font] and then tried to use that Login when accessing the site at [font=courier new,courier,monospace]example.com/index.php?app=core&module=global&section=login [/font]they were confused as to what happened to the Login they had already saved for the site. In this sense, the vast majority of our customers want less specific URL matching and list of available Logins rather than more. 99% of users simply don't have that many Logins and certainly not for a single domain.

    All that said, we're looking at ways to improve this, and I can promise you that we are taking your use case into account as we move forward. Please let me know if there is anything else I can help with. I'd love to pass any additional feedback you may have along to the developers.

    Cheers,
  • khad wrote:

    I updated your email address, ..

    thx..
    khad wrote:

    For form filling of a more "generic" nature, you might consider using an Identity item. That is, if Lazarus is not fully meeting your needs. Identity filling is only intended for the sort of name and address information used when registering for a new service, though. It sounds like it may not be flexible enough for your needs.

    I'll give it a shot..
    khad wrote:

    If you have exactly one Login for a given subdomain, Command-\ will fill it without prompting you. If you have more than one Login item for a subdomain (as you mentioned that you do), you will be prompted to select one since the extension cannot (yet?) read your mind..

    Let's please stick to the example i gave.. if 1P was correctly matching the subdomain as you say it does, i should be gettin those 5 matches vor "svn.rexdev.de" i have.. right? I'm not complaining 1P wasn't reading my mind, i'm complaining 1P doesn't even stick to the subdomain.. it just lists anything with "rexdev.de" in it.. as said 15 matches in that specific case, and 10 of them are plain false.
    khad wrote:

    It seems that the issue for you is that you want fewer options in the list that the extension offers you when it needs your input in those cases. You would like to be presented with only a list of the Logins for a an exact URL match (or at least subdomain match). Am I understanding correctly?

    Right.. and that's what i would expect if you say you're matching subdomains.. unless you mean a whole different thing by that.. svn.rexdev.de is a completely different site than rexdev.de .. as is stats.rexdev.de and so on.. i have a huge list of dev subdomains @ rexdev.de.. which i might add is a very common scheme in web developement.. and not only there..
    khad wrote:

    The problem we run into is that previous URL matching schemes were not "permissive" enough for the vast majority of our users. For example, if someone saved a Login at [font=courier new,courier,monospace]login.example.com[/font] and then tried to use that Login when accessing the site at [font=courier new,courier,monospace]example.com/index.php?app=core&module=global&section=login [/font]they were confused as to what happened to the Login they had already saved for the site.

    Oh oh.. that explains the general feel amongs us devs that 1P used to be better.. we're getting closer to the root of things..
    khad wrote:

    In this sense, the vast majority of our customers want less specific URL matching and list of available Logins rather than more. 99% of users simply don't have that many Logins and certainly not for a single domain.

    Funny.. maybe 3-4 years ago i heard the first time about 1P.. from dev folks.. and even now, from all users i know, only the IT-centric ones know or use 1P. But if you say vast majority/99% are iUsers, i'll have to take your word.. but that's not the point, since differing needs could easily be adressed.
    Nobody would complain if you'd throw in a few settings (if only by providing some plist vars to tweak) so users could control the matching behaviour.. let the defaults be as joe sixpack compatible as he wishes, BUT: don't be Apple and dumb down 1P hardwiredly.. honestly, you're loosing support by the ones how used to be your prime evangelists!

    I do not know how much effort you put into the fuzzy matching so clueless users get what they want.. i don not know how exactly you dissect URLs and what you do with the results, however: i do know a fair share about URL matching, since i'm maintaining a url rewrite addon for the framework/CMS i'm using.. and i'd know right away how i'd setup a scheme that could do both educated guesses, strict matching, and something in between.. what happens currently @ 1P just makes me wonder a little bit what you do in the background.. ok, let's even take the current list result as given, but gee: a list sorted by bookmark title?!? Where's the matching result reflected in that? How about something along the probability/specificity line?

    Seriously.. i still do like 1P.. i do use it for all it can do besides login credentials, however: don't overload it with half baked features just to ring a ding.. if i e.g. look at a GUI disaster like this, i wonder if you're at the right path.

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    You have my word that I am advocating on your behalf for improvements in this regard. I do understand the frustration, and we are looking to make this better in the future. As with all feature requests I am not able to give a time frame for a specific release, but this is certainly on our radar.
  • khad wrote:

    You have my word that I am advocating on your behalf for improvements in this regard.

    "Your word in god's ear".. as we say in this country. ;)

    For the time being: could you eventually give me a few hints - pm wise if you wish - on
    1. where/what file you do the matching..
    2. where/what file you assemble the default bookmark title.. (so i can at least ad the subdomain by default)

    My guess would be it might happen in the extensions global.min.js .. but even uminified it's almost impossible to read (in a sensible timeframe).. so if it's in there, simple linenumber hints would do for me.

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    I'll ask the developers about this, but they are extremely busy lately working on some projects. I may not be able to get back to you on this in a timely fashion, so I appreciate your patience.
  • khad
    khad
    1Password Alumni
    I just had a great chat with one of the developers. Theoretically, it may be possible to modify the domain matching JSON, but this is not something we want to provide tutorials on. I'm not sure that would even work since the extensions are codesigned to prevent tampering.

    One thing we discussed was possibly making the FQDN matches listed at the top and perhaps styled differently to make them stand out. The problem with this approach is that the list is currently alphabetical for the entire "naked domain". We're still kicking around some ideas.

    There are a couple tips that I do want to make sure I mention that may make things a bit easier for you in the meantime.

    1. When you invoke the extension to fill a login, you can narrow down the login by simply typing the name of it. As long as each Login has a unique title, you can easily select it by typing a few characters and then pressing Return to fill it.
    2. Perhaps even better, you can use Option-Command-\ to open the extension popup and then type to find it and press Return to Go & Fill. That will load the exact URL of the login page and fill the correct credentials. This only works if you invoke the extension on a page that is not the domain you wish to Go & Fill.
    3. You can also create 1Click Bookmarks which will always work to Go & Fill the exact login on the exact page you have created the bookmark for.
    4. If you use Chrome, you can type "1p" in the omnibox and then search right in the omnibox for a Login and press Return to Go & Fill.
    5. Alfred and LaunchBar also offer 1Password integration which will allow you to use the Go & Fill feature to load a specific login page.

    I know it's not exactly what you may be looking, but I hope one of the tips helps with your workflow a little bit for now. We'll keep working to make 1Password better for you and other power users with multiple Login items for a single domain.
  • Khad,
    sry for the late reply, but i'm drowning in work..

    khad wrote:
    We're still kicking around some ideas.


    I have one, and i'd think it should be fairly easy to implement:

    * Provide a callback func in some js file (bootstrap.js, or wherever) within the extension package, which is (generally) called after 1p assembled it's list of matches and before the list gets thrown in the popup or - if only one match - is directly used to fill in the credentials.
    * By default the func does nothing, just returns the list in the same state as it came in..
    * but: If someone has different needs in terms of sorting or list items in generall: that's the place where the non agnostic might get their foot in the door..

    /**
    * result list callback/hook
    *
    * @param list   (object)  default list of matches returned from mother
    * @param params (object)  associated params like url/url-fragments, and whatever might be needed/usefull
    * @return	   (object)  the edited list
    **/
    function result_list_callback(list,params){
      // tweak list if u wish here..
      // reorder, discard items..
      // tweak display names for clarity..
      // if only one item left -> straight match, no prompt..
      return list;
    }
    


    This'd be a fairly typical approach known in most modern frameworks.. call it hook, callback, extension point, whatever..
    Average users will never know and never needed it, pros will bow to the gods of agile to finally get something in their hands to make 1p a tool for their needs.

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    I will certainly pass this along to the developers. Again, I — and I think I speak for all of us here — truly appreciate your passion for this. We're working to make this better in the future, but it will take some time to do it right. We've got a lot of other things brewing, so it may not get much loving until after 1Password 4 is released.
  • khad wrote:
    ..so it may not get much loving until after 1Password 4 is released.


    I think this approach is so low level and simple - no gui, no nothing, just calling the hook from the main extension code - that it should be implementable in an hour or so.. (unless my assumptions about the gears inside 1p are totally off track). Make it a part of beta extensions only, or only available to a closed, hand-picked user group, or whatever.. but plz don't let "us" stand last in line after whatever fancy is in the making for iUsers.

    plz let me know what the devs think.. pm if you wish.. it's really a pain in the back each and every day.

    regards,
    Jan
  • khad
    khad
    1Password Alumni
    Thanks again. I'll be sure to post back here with any updates.
  • Has there been any update on this feature?

    Very annoying to get matches from the top level domain instead of the fqdn
  • khad
    khad
    1Password Alumni
    Welcome to the forums, Peter! There has not been any news on this front as the developers have been busy working on some secret stuff. The extension will likely get more attention once 1Password 4 has shipped. This is something I am constantly discussing with them as my job involves advocating to them for users.

    Please let me know if there is anything else I can help with in the meantime.
  • From colleagues i her (can't test v4 at the moment) subdomain matching is still absent..

    C'mon.. this thread is way over a year old, and the problem itself has been adressed multiple times before..

    Is "will likely get more attention" again and again all agilebits has to offer after all this time?

    regards,
    Jan

  • khad
    khad
    1Password Alumni

    As I mentioned above at least a couple other times, the extension will likely get more attention once 1Password 4 has shipped. I know it isn't what you want to hear, but 1Password 4 hasn't shipped yet.

  • Sry to upset you Khad.. however:

    I do understand "once has shipped", but - given all that's been said and done so far - my undestanding of "likely" is not "aknowledged and devs are workin on it.. just wait". When this phrase was used a year ago.. ok, let's live with it and hope for the best. Today - given v4 is approaching GM - it feels very uncomfortable.

    While hope dies last, "likely" is not exactly a defibrillator..

    regards,
    Jan

  • khad
    khad
    1Password Alumni

    We have the best customers on the planet, and I am reminded of it time after time. You obviously care enough to contact us about this. Thank you for your passion! I wish more folks in this world shared it.

    We deeply appreciate customer input and take it into account constantly. We have always preferred to let the software speak for itself rather than trying to lure people in with promises of future features or products. In fact, I'd never encourage anyone to purchase 1Password (or any product) based on claims of future features or versions. On the contrary, I would advise you and others to always use the tool that meets your needs as best as possible today. If that's not 1Password for you at this time, then we will keep working hard in the hopes that one day it is.

    Please let me know if there is anything else I can help with. I have passed your vote for this along to the developers and would be happy to pass any additional feedback to them as well.

This discussion has been closed.