
hazelworker wants to use your confidential information

Posted: Wed Jan 12, 2022 6:55 am
by globalmatt
Hi,

I've just started getting the following macOS prompts randomly:

hazelworker wants to use your confidential information stored in "example.com (username)" in your keychain. To allow this, enter the "login" keychain password.


It asks me for my login password, and there are Always Allow, Deny, and Allow buttons.

If I click Deny then it keeps prompting me repeatedly until I quit hazelworker.

It seems to be asking for website (HTTP basic auth) passwords that are stored in my Mac keychain.

Why would this happen and is there any way to stop it? Or is it safe to allow Hazel access to my internet passwords?

Hazel 5.1.1 running on macOS 11.6.1.

Thanks!
Matt

Re: hazelworker wants to use your confidential information

Posted: Wed Jan 12, 2022 12:32 pm
by Mr_Noodle
Are you using the Upload action in any of your rules?

Re: hazelworker wants to use your confidential information

Posted: Wed Jan 12, 2022 6:29 pm
by globalmatt
Thanks for your reply. No, I'm not using the Upload action.

The only thing I can think of is that my Downloads folder probably contains files downloaded from URLs that are behind HTTP basic auth (the "Where from:" field in the macOS file properties). Perhaps hazelworker is attempting to crawl those URLs?

Re: hazelworker wants to use your confidential information

Posted: Thu Jan 13, 2022 12:14 pm
by Mr_Noodle
I don't think that would trigger it. One thing to try: next time you get the alert, do not click anything. In Hazel, go to Help->View Logs. Send over the last, say, 20 lines.

Re: hazelworker wants to use your confidential information

Posted: Sat Jan 15, 2022 9:59 pm
by globalmatt
Code:
2022-01-16 12:44:23.168 hazelworker[54483] File type not supported: {(
    "public.zip-archive",
    "public.item",
    "public.data",
    "com.pkware.zip-archive",
    "public.archive"
)}
2022-01-16 12:44:23.177 hazelworker[54483] File type not supported: {(
    "public.zip-archive",
    "public.item",
    "public.data",
    "com.pkware.zip-archive",
    "public.archive"
)}
2022-01-16 12:44:23.182 hazelworker[54483] File type not supported: {(
    "public.item",
    "public.folder",
    "public.directory"
)}
2022-01-16 12:44:23.187 hazelworker[54483] File type not supported: {(
    "public.item",
    "public.content",
    "public.data",
    "public.composite-content",
    "public.spreadsheet",
    "org.openxmlformats.spreadsheetml.sheet",
    "org.openxmlformats.openxml"
)}


It seems to happen only when Hazel scans my ~/Downloads folder specifically (which does contain files downloaded from URLs behind HTTP basic auth).

I noticed that, 3 times in the current log, there is this message (I think it appears after clicking Deny on that alert a few times):

Code:
2022-01-16 12:50:33.286 hazelworker[54871] Error reading in file /Users/matt/Downloads/download.html: Error Domain=NSCocoaErrorDomain Code=259 "The file “download.html” couldn’t be opened because it isn’t in the correct format." UserInfo={NSFilePath=/Users/matt/Downloads/download.html}


I checked that file's properties and it was downloaded from exactly the same site as mentioned in that alert (the site that has basic auth enabled).

In addition, that file (an HTML page) contains a lot of protected URLs that reside on the same server (inside `link` elements, `a` elements, etc). So if hazelworker was trying to crawl those URLs then that would explain the alerts.

Re: hazelworker wants to use your confidential information

Posted: Sat Jan 15, 2022 10:05 pm
by globalmatt
I've moved that file out of my ~/Downloads folder and re-run the Hazel rules a couple of times - no further alerts so far.

Re: hazelworker wants to use your confidential information

Posted: Mon Jan 17, 2022 1:30 pm
by Mr_Noodle
Hazel doesn't do any sort of web crawling that I'm aware of but if you are using "Contents contain match" and it tries to run against an html file, it will parse that file. Maybe it's a part of that process. It might be a good idea to filter out html files in that rule.

Re: hazelworker wants to use your confidential information

Posted: Sat Jan 29, 2022 11:50 pm
by globalmatt
It was definitely that HTML file that was causing the issue. I've had no further alerts since I moved it out of my Downloads folder.

Yes, I am using "Contents contain match".

I guess Hazel (or a macOS API that Hazel uses) must have been trying to parse and/or request the URLs in that page for some reason.

Thanks,
Matt
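
Added example (not part of the thread and not Hazel's code): the diagnosis above came down to one HTML file whose `link` and `a` elements pointed at the basic-auth host named in the keychain prompt. This Python sketch lists the HTML files in a folder that reference a given host, so the file behind such a prompt can be found without trial and error; the function names, the attribute list and the sample document are constructed for illustration.

```python
import sys
from collections import Counter
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse

# Attributes that can carry a URL (assumed list, enough for link/a/img/script/form).
URL_ATTRS = {"href", "src", "action", "poster", "data"}

class RefCollector(HTMLParser):
    """Counts the hosts of absolute http(s) URLs referenced by a document."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hosts = Counter()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name not in URL_ATTRS or not value:
                continue
            try:
                parsed = urlparse(value.strip())
                host = parsed.hostname
            except ValueError:  # malformed URL, e.g. a broken IPv6 literal
                continue
            if parsed.scheme in ("http", "https") and host:
                self.hosts[host.lower()] += 1

def referenced_hosts(html_text):
    collector = RefCollector()
    collector.feed(html_text)
    collector.close()
    return collector.hosts

def files_referencing(folder, host):
    """Return {path: reference count} for .html/.htm files that mention host."""
    hits = {}
    for path in sorted(Path(folder).expanduser().iterdir()):
        if path.is_file() and path.suffix.lower() in (".html", ".htm"):
            text = path.read_text(encoding="utf-8", errors="replace")
            count = referenced_hosts(text)[host.lower()]
            if count:
                hits[str(path)] = count
    return hits

# Constructed sample document: two references to example.com, one elsewhere.
SAMPLE = ('<html><head><link rel="stylesheet" href="https://example.com/s.css">'
          '</head><body><a href="https://example.com/private/a">a</a>'
          '<img src="/local.png"><a href="https://other.test/x">x</a></body></html>')

if __name__ == "__main__":
    folder = sys.argv[1] if len(sys.argv) > 1 else "~/Downloads"
    host = sys.argv[2] if len(sys.argv) > 2 else "example.com"
    for path, count in files_referencing(folder, host).items():
        print(f"{count:4d}  {path}")
```

Files it reports can then be moved out of the watched folder or excluded from the "Contents contain match" rule, as suggested in the thread.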