Suppose I have a machine M and a webserver S. From M, I would like to be able to visit a page on S which will log me into some site X (e.g., Gmail). However, I want this to happen without M ever handling any password details. Also, I don't want to use a proxy, but rather have the end result be as if M were actually visiting the site X logged in. To recap:
- On machine M, I visit a special page on server S.
- Server S logs into X and transfers cookies or whatnot to M.
- M never processes the password for X.
- End result is the same as if M had actually logged into X itself.
Is this even remotely possible? I understand that there are limitations on what cookies a website can set, etc., so transferring cookies may be an issue, but maybe this can be avoided if I also control the browser?
Note: You may assume that I have full control over S, and full control over the browser on M (probably Firefox). The server S, of course, knows the necessary password to X.
Please feel free to edit my title and tags as necessary as I find it difficult to categorize this question.