Incorrect storage of authenticated stream URLS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Amarok |
Invalid
|
Undecided
|
Unassigned | ||
amarok (Ubuntu) |
Invalid
|
Low
|
Unassigned |
Bug Description
Binary package hint: amarok
When adding streams which employ HTTP authentication via a username/password included in the URL in the format http://
I have tracked down the issue which I believe to be caused by a call to KURL::prettyURL() in StreamEntry::xml() through: url.appendChild( doc.createTextNode( m_url.prettyURL() )) in playlistbrowser
Note that in the kdecore documentation it states that KURL::prettyURL will remove the password entry from the URL, since it is being formatted for display purposes. As a result the stream entry is saved to the stream database without a password present in the URL.
The issue presented in 1.4.6, although it may have existed before then. This functionality may or may not be intentional, however in the case that it is intentional I don't believe it is clear enough to the user that they will need to re-add the password to resolve the problem.
Changed in amarok: | |
importance: | Undecided → Low |
status: | Incomplete → Triaged |
I'd like to fix this. Are you building from source? If so, can you see if it all works well by using .url() instead of .prettyURL()?
I don't have any access to any music location using username:password; alternately if you give me access to something like that I can test it out myself.
Thanks for tracking this down!