I've mishandled this issue pretty badly. Incredibly, my previous patch,
which was intended to ensure we always normalize URIs to security
origins when working with form auth data, only fixed use of the form
auth data cache. It didn't actually fix any use of the secret service
itself. Fix that.

This commit notably removes support for mailman passwords, which is
making the code way too complicated and conflicts with the goal of
storing only security origins and not full URIs in the secret service.

Note: this normalization is way better than what we were doing before.
In particular, it incidentally fixes odd bugs like the URI framgment,
even the empty fragment #, being sufficient to trick our password
manager into storing separate passwords, so this should also make the
password filling significantly more reliable than it used to be. (Unless
you need per-URI passwords without a username, i.e. mailman passwords,
in which case you're just out of luck, sorry!)

https://bugzilla.gnome.org/show_bug.cgi?id=752738