Negative lookahead and/or "ignore" flag?

[joachimtingvold]

Hi,

I'm trying to let MultiPass handle BasicAuth on all subdomains on a domain, except subdomains matching a certain regex.

^(?!.*(sub1|sub2|sub3))(.*\.foo\.bar|sub\.baz\.bar|sub\.bar\.foo)$

This should use the credentials for *.foo.bar, sub.baz.bar and sub.bar.foo, with the exception of subdomains of foo.bar that contains sub1, sub2 or sub3.

However, it does not seem to work. Not sure if the regex handles negative lookahead? Maybe MultiPass should have an option where you can add a rule with an "ignore" flag, and all sites matching that rule, will just be ignored by MultiPass?

[krtek4]

The engine simply uses Javascript regular expression engines, so you will have the same limitation it has. As far as I know, JS does not support negative lookaheads.

I understand your use case, but I think it will make the extension too complexe for most people. Also, I don't really have time right now to work on it, but I'll gladly accept any contribution :)

May I ask, why do you need to exclude some domains ? The extension only send the credentials when ask for them, so if the other domains don't need one, the credentials won't be sent. Also, you can use the priority if you want to send another credentials to the other domains as the extension will use the first regex it finds that matches.

[joachimtingvold]

Hi,

Thanks for the explanation.

The use case is that I don't want to store username and password for certain sites (i.e. I want to manually type them), but I want to for "all the other sites on the same domain" (i.e. when you have different users with different access levels). All of them asks for passord, though.

[krtek4]

Hi,

Ok, I get the issue.

FYI, after 5 tries, the extension stop trying the credential and the default password prompt should show. I agree this is not at all optimal, but it would at least work.

As I said, I don't have time in the near future to work on something like that, but I'll gladly merge a PR if the feature does not complexify the normal flow for users.

[joachimtingvold]

Been swamped with work, so haven't had the time to look at this yet.

I was first thinking about adding a new field (lets call it ignore), which would be a simple checkbox. If ignore == checked, ignore the credentials (i.e. skip it when searching for matches).

To avoid having another column (stealing horizontal space), maybe we can use the Priority column. For example ignore credentials with the priority of 0? (or some other pre-defined value). In that case, it should be a simple one-line fix or similar (in the for-loop in getCredentials).

[krtek4]

No problem, I was just doing some house cleaning. Sorry for the pressure :)

Ok, let's go with the 0 or -1 meaning "ignore this line", it will fit well with your use case and others won't be bothered probably.

I'll try to do it today as I setup my whole build pipeline again yesterday.