Bug#887384: [bug #53021] Ability to provide password per-instance

Tue, 30 Jan 2018 10:33:35 -0800 

URL:
  <http://savannah.gnu.org/bugs/?53021>

                 Summary: Ability to provide password per-instance
                 Project: GNU Wget
            Submitted by: nok
            Submitted on: Tue 30 Jan 2018 07:28:37 PM CET
                Category: Feature Request
                Severity: 3 - Normal
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: None
        Operating System: GNU/Linux
         Reproducibility: None
           Fixed Release: None
         Planned Release: None
              Regression: None
           Work Required: None
          Patch Included: None

    _______________________________________________________

Details:

Hello,

a feature request from a Debian user:
https://bugs.debian.org/887384

As far as I can tell, Wget only provides the following methods to
provide a HTTP password:

  1. as part of the URL
  2. with --http-password / --password
  3. using ~/.netrc
  4. using --use-askpass
  5. using --ask-password

The problem is that 1 & 2 expose the password in the process table, while
~/.netrc is a centralised resource that may not be editable by a script. 4 & 5
are interactive, and while I could provide an ad-hoc askpass script, this is a
gross hack.

It'd be awesome if Wget could provide one or more of the following methods to
provide the password:

  1. read it from $WGET_PASSWORD
  2. read it from a specific file
  3. read it from a netrc-style file that is not ~/.netrc
  4. let --use-askpass specify parameters to the script/binary to invoke

Ftr, my current hack involves creating an executable temporary file with
content like this:

  #!/bin/sh
  echo username:password

and then invoking wget like so:

  wget -c --use-askpass=tempfile …

and that works, but it's a hack that I think could be rendered
obsolete by Wget functionality. Lftp and cURL both provide ways to either read
from the environment, or to override the netrc filename.
Lftp furthermore can be scripted itself, which solves the problem
in its own way.

Thank you.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?53021>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

Reply via email to