This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Network Activity
1PW 3.5.8 (build 30881) and prev.
When creating a new login (or updating an old one), 1PW tries to capture an image of the login page as a nice visual reference (preview).
Having 'Little Snitch', I can see that 1PW wants to access the website in order to grab the image. This make sense. OK.
The issue is that there are cases where I see calls to MANY IPs. Perhaps those are all the IPs that are referred by the main page. It may be also from all sorts of tracking IPs that are embedded in the main page. Usually I block those IPs.
Do i understand it correctly?
If so, is it possible to add some limit to the number of the called IPs in 1PW? (perhaps as a preference?) (at the cost of the preview not beeing totally accurate)
When creating a new login (or updating an old one), 1PW tries to capture an image of the login page as a nice visual reference (preview).
Having 'Little Snitch', I can see that 1PW wants to access the website in order to grab the image. This make sense. OK.
The issue is that there are cases where I see calls to MANY IPs. Perhaps those are all the IPs that are referred by the main page. It may be also from all sorts of tracking IPs that are embedded in the main page. Usually I block those IPs.
Do i understand it correctly?
If so, is it possible to add some limit to the number of the called IPs in 1PW? (perhaps as a preference?) (at the cost of the preview not beeing totally accurate)
Flag
0
Comments
-
Hi Locker,
You're exactly right, right now 1Password connects to the site you've saved a Login item for and effectively views this as if it were a browser, to get the most accurate preview. In turn that means that any ads, external content that's embedded etc will be connected to as well, as Little Snitch is showing you.
I'll mention the idea of limiting the connections to the site in question to our developers, I don't know if this is possible or if it would cause any error messages in loading the page, sometimes sites are coded in a way that not loading these could cause the whole site to not load (though that would be a very badly coded site IMHO).
Hope that helps,
[quote name='Locker' timestamp='1299559260' post='22032']
1PW 3.5.8 (build 30881) and prev.
When creating a new login (or updating an old one), 1PW tries to capture an image of the login page as a nice visual reference (preview).
Having 'Little Snitch', I can see that 1PW wants to access the website in order to grab the image. This make sense. OK.
The issue is that there are cases where I see calls to MANY IPs. Perhaps those are all the IPs that are referred by the main page. It may be also from all sorts of tracking IPs that are embedded in the main page. Usually I block those IPs.
Do i understand it correctly?
If so, is it possible to add some limit to the number of the called IPs in 1PW? (perhaps as a preference?) (at the cost of the preview not beeing totally accurate)
[/quote]Flag 0 -
[quote name='stu' timestamp='1299619888' post='22087']
Hi Locker,
You're exactly right, right now 1Password connects to the site you've saved a Login item for and effectively views this as if it were a browser, to get the most accurate preview. In turn that means that any ads, external content that's embedded etc will be connected to as well, as Little Snitch is showing you.
I'll mention the idea of limiting the connections to the site in question to our developers, I don't know if this is possible or if it would cause any error messages in loading the page, sometimes sites are coded in a way that not loading these could cause the whole site to not load (though that would be a very badly coded site IMHO).
Hope that helps,
[/quote]
I agree. I find it disconcerting when 1Password tries to connect (as reported by Little Snitch) to a half-dozen sites upon updating previews, including Google Analytics and a bunch of other sites unrelated to the original site.
I use Little Snitch to block these attempts, but I shouldn't have to. 1Password shouldn't allow these sites to sneak in to a mere icon update.Flag 0 -
Hello Valdemar1,
As Stu mentioned above, the [b]thumbnail preview generation[/b] (not the favicon or apple-touch-icon fetching) is what you are seeing. In order to show an accurate preview 1Password loads the page just as it would load in your browser. All the "extra" stuff is loaded when you load the page in your browser too. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/blink.gif' class='bbc_emoticon' alt=':blink:' />
Because most folks using network monitoring software give [i]carte blanche[/i] to their browsers they don't notice all these page elements being loaded: the browser is allowed to go about its business without any warnings since it has been whitelisted. However, if you tell [url="http://www.obdev.at/products/littlesnitch/index.html"]Little Snitch[/url], [url="http://www.metakine.com/products/handsoff/"]Hands Off[/url], or whichever solution you are using to actually monitor your browser, you will see the same connections being made.
Granted, some folks use extensions like AdBlock and [url="http://www.ghostery.com/"]Ghostery[/url] to block these additional page elements in their browsers — you may do this yourself. 1Password does not have such blocking capabilities at this time.
Please take a look at the [url="http://help.agilebits.com/1Password3/network_activity.html"]Network Activity[/url] section in 1Password's User Guide where we have attempted to be as upfront and transparent about this topic as possible.
You may disable automatic preview fetching in the Logins preference pane by unchecking “Automatically download icons and previews for new Logins” in the Logins preference pane.
I hope that helps. Please let me know if you have any additional questions or concerns!
Cheers,Flag 0 -
[quote name='khad' timestamp='1307873780' post='29045']
Granted, some folks use extensions like AdBlock and [url="http://www.ghostery.com/"]Ghostery[/url] to block these additional page elements in their browsers — you may do this yourself. 1Password does not have such blocking capabilities at this time.
[/quote]
I use all of them. Ghostery, Adblock and ClicktoPlugin are all installed in Safari. There is no carte blanche here.
I guess I'll keep blocking using Little Snitch and 1Password until a solution is forthcoming.Flag 0 -
I think the solution (if you are primarily concerned about those additional page elements) is to disable “Automatically download icons and previews for new Logins” in the Logins preference pane. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />
We are considering splitting the functionality so you can toggle thumbnail preview downloading independently of icon downloading in a future version, but I don't have a time frame for if/when that would be introduced.
Thanks for the feedback!Flag 0 -
Welcome to the forums, jacobly!
I merged your topic with the appropriate thread. Please see the posts above and the [url="http://help.agilebits.com/1Password3/network_activity.html"]Network Activity[/url] section in 1Password's User Guide for more information, but the short version is that, like your web browser, 1Password does not connect to any URL that you have not told it to.
Either you have a login for that URL or a login you have saved [i]references[/i] that URL as one of the elements required to generate its preview.
I hope that helps. Please let me know if there is anything else I can help with. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_smile.png' class='bbc_emoticon' alt=':-)' />
Cheers,Flag 0