[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [bug #45732] Please document --ask-password in manual sec

From: Reuben Thomas
Subject: Re: [Bug-wget] [bug #45732] Please document --ask-password in manual section 2.1
Date: Tue, 18 Aug 2015 22:12:50 +0100

Thanks very much for making a patch. It looks good, but I think it could be
improved further.

You could delete "To work around it, use @code{wget -i -} and feed the
@sc{url}s to Wget's standard input, each on a separate -line, terminated by
@kbd{C-d}." from the body of the text, and simply leave the cross-reference
to the "Security considerations" section. Thus, the user is not tempted to
immediately use the wget method, but actually read that section.

The other new insertion I find a bit hard to read because of all the

"If non-interactive behaviour is not an absolute requirement, it is also
possible to pass the @code{--ask-password} option to Wget."

Also, it is I think unnecessarily confusing to describe this disadvantage
before describing what the option does do.

How about:

Alternatively, you can use --ask-password, which will prompt for the
password, or, in a non-interactive session, attempt to read it from stdin.

Two more things to note:

1. --ask-password can be used in a non-interactive session, since it will
then read from stdin. So in fact it's an alternative to the method of
feeding password-containing URLs to stdin (only works for one password, I

2. getpass is marked obsolete. Maybe better not to advertise that we use
it, and investigate replacing it? The man page says: "This function is
obsolete.  Do not use it.  If you want to read input without terminal
echoing enabled, see the description of the ECHO flag in termios(3)." Maybe
gnulib has a suitable replacement? If not, it would be a good place to put

On 18 August 2015 at 16:03, Darshit Shah <address@hidden> wrote:

> If these changes to the documentation look good, I'll turn it into a
> complete patch and push it.
> On Tue, Aug 18, 2015 at 8:15 PM, Darshit Shah <address@hidden>
> wrote:
> > Update of bug #45732 (project wget):
> >
> >                   Status:                 Invalid => Needs Discussion
> >
> >     _______________________________________________________
> >
> > Follow-up Comment #3:
> >
> > That makes more sense. However, there's more than one way of doing this.
> >
> > Wget also supports reading from a user's netrc file. If we start
> mentioning
> > everything in there, the section will quickly degenerate into a different
> > topic. This is mentioned as a footnote.
> >
> > I think could however add a note there asking the user to refer to
> se3ction
> > 2.5 which contains more information about password handling. Maybe, if
> someone
> > is willing, we can also have an entire section on password handling
> mechanisms
> > and workarounds.
> >
> >     _______________________________________________________
> >
> > Reply to this item at:
> >
> >   <http://savannah.gnu.org/bugs/?45732>
> >
> > _______________________________________________
> >   Message sent via/by Savannah
> >   http://savannah.gnu.org/
> >
> --
> Thanking You,
> Darshit Shah


reply via email to

[Prev in Thread] Current Thread [Next in Thread]