objects are used for session and persistent storage of credentials with the
appropriate locking. Passwords are stored on disk insecurely. If the user
uses the checkmark in the authentication window to remember the credentials,
the persistent storage will be used, otherwise the session storage. In another
words, even if not asked to remember the credentials, the same user/pass never
needs to be entered more than once per session, unlike before. WebCore already
contains a CredentialStorage class, but we don't use it. It could be used via
the CURL networking backend implementation, only the CF backend uses it at all.
Since we don't have a "keyring" OS level service, this solution was more
convenient for the time being.
Note all this has nothing to do with storage of form data entered by the user.
git-svn-id: http://svn.haiku-os.org/webpositive/webkit/trunk@478 94f232f2-1747-11df-bad5-a5bfde151594
9f30678a67