auto filled username not be sent on fidelity.com

NEW
Unassigned

Status

()

P3
normal
2 years ago
a year ago

People

(Reporter: jidanni, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

2 years ago
User Agent: Mozilla/5.0 (X11; Linux i686; rv:50.0) Gecko/20100101 Firefox/50.0
Build ID: 20160925011120

Steps to reproduce:

Tried to login to https://www.fidelity.com/ using what was prefilled.


Actual results:

It said my credentials were wrong.


Expected results:

Be able to login.

Sites like Fidelity are probably using a cookie so that when you visit them later, your username gets pre-filled in. However it is pre-filled in by them with stars **** at the front.

The user then types his password, which is remembered by browsers in the combination ****blabla / password.

A future third login begins the never ending frustration: Both fields are pre-filled in, but login somehow fails, as probably the stars are being sent to the server instead of the full user name, as now Firefox is filling out both fields or something,

The only way for the user to actually login now is for him to retype the his user name.
(Reporter)

Updated

2 years ago
Component: Untriaged → Security
(Reporter)

Comment 1

2 years ago
I also opened https://bugs.chromium.org/p/chromium/issues/detail?id=660396 but I selected "security" which caused the bug to be unviewable to you. Sorry.

Comment 3

2 years ago
I see the SSN (username) parameter will not be send if user was not clicked the username box, with Devtools - Network. This is a website issue.
Status: UNCONFIRMED → NEW
Has STR: --- → yes
Component: Security → Password Manager: Site Compatibility
Ever confirmed: true
OS: Unspecified → All
Product: Firefox → Toolkit
Hardware: Unspecified → All
Summary: ****'s remembered instead of username → auto filled username not be sent on fidelity.com
Version: 50 Branch → unspecified
We just received another report about this on webcompat.com. Regardless of it being site error, it seems that something in Chrome 55.0.2883.87 corrected the issue on their end. Shall we find out what that was and adopt something similar?
Flags: needinfo?(MattN+bmo)
Password manager isn't being actively worked on at the moment so it wouldn't be a high priority to get that info.
Flags: needinfo?(MattN+bmo)
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.