On Thu, Mar 26, 2020 at 1:00 PM Magnus Hagander <magnus@hagander.net> wrote:
On Thu, Mar 26, 2020 at 1:53 PM Dave Page <dpage@pgadmin.org> wrote: > > Some, maybe all of the major browsers no longer display the security realm on login prompts, which was previously used to inform the user of the anti-spam username and password used to protect the mailbox archives. This means that the only way to get it now is either to go find it in the source code for the website, or look at the response headers in the browsers developer tools.
FWIW, Firefox still shows it as expected. There's at least one browser out there that's not broken... But yeah, that's not enough, and it seems the others no longer care about this problem (which they said years ago they were going to fix, but since they haven't..)
> The attached patch adds a note to the page instead.
My feeling is that's a very prominent location (and space usage) for something that in the end very few people use. And it also misses the usecase of people downloading thread-as-mbox, as well as the functionality to view raw message, which both use the same protection, so should be equally informed.
Perhaps put it in a title attribute on the link, so it shows as a popup? That would work in all the use cases, I think?
It's a terrible user experience though. How will users know to hover over the link to get the credentials before clicking?