Closed
Bug 1020701
Opened 10 years ago
Closed 2 years ago
Don't modify hidden/disabled/readonly fields
Categories
(Toolkit :: Form Manager, defect)
Toolkit
Form Manager
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: MattN, Unassigned)
References
(Blocks 1 open bug)
Details
They may still have @autocomplete and provide hints for which profile to use but we should never modify the value of them.
Flags: firefox-backlog+
|
Reporter | |
Updated•10 years ago
|
Summary: Don't modify hidden/disabled fields → Don't modify hidden/disabled/readonly fields
|
||
Updated•10 years ago
|
Points: --- → 2
Whiteboard: p=2
|
||
Comment 1•7 years ago
|
||
(In reply to Matthew N. [:MattN] (PM me if requests are blocking you) from comment #0) > They may still have @autocomplete and provide hints for which profile to use > but we should never modify the value of them. I can't tell - does this mean hidden fields could still auto-fill? There's a well-publicized phishing vector in that case: https://github.com/anttiviljami/browser-autofill-phishing
|
||
Comment 2•2 years ago
|
||
Looks like we are already doing that in form history/password manager. Please reopen if I'm mistaken.
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•