Closed Bug 1543449 Opened 2 years ago Closed 2 years ago

Don't prompt to save single-character passwords


(Toolkit :: Password Manager, enhancement, P2)




Tracking Status
firefox68 --- verified


(Reporter: MattN, Assigned: sfoster)



User Story

I think the best solution would be to change the `skipEmptyFields` argument to also cause the function to skip field with single-character password values.


(2 files)

Sites use single-character values to defeat our skipEmptyFields heuristic at capture time. It's probably not useful to save a single-character password as most sites wouldn't allow such a short password.

This should fix sites like which have many hidden password fields with static single-character passwords.

See Also: → 1543454
Assignee: nobody → sfoster

Test case: when submitting the form, we expect to get prompted to save a 12-character password with the username "actual-username".

I'm not sure if that test will run & pass on Android. We'll find out.

Pushed by
use a minPasswordLength rather than skipEmptyFields property when collecting password fields. r=jaws

Backed out changeset a1917a9966fb (bug 1543449) for Android failures at tests/SimpleTest/SimpleTest.js


Failure push:

Failure log:

[task 2019-04-13T04:36:51.585Z] 04:36:51 INFO - 388 INFO TEST-OK | toolkit/components/passwordmgr/test/mochitest/test_xhr_2.html | took 2475ms
[task 2019-04-13T04:36:51.586Z] 04:36:51 INFO - 389 INFO TEST-START | Shutdown
[task 2019-04-13T04:36:51.586Z] 04:36:51 INFO - 390 INFO Passed: 587
[task 2019-04-13T04:36:51.587Z] 04:36:51 INFO - 391 INFO Failed: 0
[task 2019-04-13T04:36:51.588Z] 04:36:51 INFO - 392 INFO Todo: 30
[task 2019-04-13T04:36:51.589Z] 04:36:51 INFO - 393 INFO Mode: non-e10s
[task 2019-04-13T04:36:51.589Z] 04:36:51 INFO - 394 INFO Slowest: 197723ms - /tests/toolkit/components/passwordmgr/test/mochitest/test_formless_submit_navigation_negative.html
[task 2019-04-13T04:36:51.589Z] 04:36:51 INFO - 395 INFO SimpleTest FINISHED
[task 2019-04-13T04:36:55.337Z] 04:36:55 INFO - wait for org.mozilla.fennec_aurora complete; top
[task 2019-04-13T04:36:55.544Z] 04:36:55 INFO - | Application ran for: 0:09:44.227681
[task 2019-04-13T04:36:59.606Z] 04:36:59 INFO - adb Ignoring attempt to chmod external storage
[task 2019-04-13T04:36:59.606Z] 04:36:59 INFO - | Running with scheme: https
[task 2019-04-13T04:36:59.606Z] 04:36:59 INFO - | Running with e10s: False
[task 2019-04-13T04:36:59.606Z] 04:36:59 INFO - | Running with serviceworker_e10s: False
[task 2019-04-13T04:36:59.606Z] 04:36:59 INFO - | Running with socketprocess_e10s: False
[task 2019-04-13T04:36:59.607Z] 04:36:59 INFO - | Running tests: start.
[task 2019-04-13T04:36:59.923Z] 04:36:59 INFO - | runApp deleted /sdcard/tests/logs/mochitest.log
[task 2019-04-13T04:37:00.337Z] 04:37:00 INFO - adb launch_application: am start -W -n org.mozilla.fennec_aurora/org.mozilla.gecko.BrowserApp -a android.intent.action.VIEW --es env9 MOZ_CRASHREPORTER_NO_REPORT=1 --es env8 MOZ_UPLOAD_DIR=/sdcard/tests/mozlog --es args "-no-remote -profile /sdcard/tests/profile//" --es env3 DISABLE_UNSAFE_CPOW_WARNINGS=1 --es env2 R_LOG_VERBOSE=1 --es env1 XPCOM_DEBUG_BREAK=stack --es env0 MOZ_CRASHREPORTER=1 --es env7 R_LOG_DESTINATION=stderr --es env6 MOZ_CRASHREPORTER_SHUTDOWN=1 --es env5 MOZ_IN_AUTOMATION=1 --es env4 MOZ_DISABLE_NONLOCAL_CONNECTIONS=1 --es env11 MOZ_HIDE_RESULTS_TABLE=1 --es env10 R_LOG_LEVEL=6 -d ""
[task 2019-04-13T04:37:11.572Z] 04:37:11 INFO - | Application pid: 3507
[task 2019-04-13T04:38:18.537Z] 04:38:18 INFO - 396 INFO SimpleTest START
[task 2019-04-13T04:38:18.537Z] 04:38:18 INFO - 397 INFO TEST-START | toolkit/components/passwordmgr/test/mochitest/test_password_length.html
[task 2019-04-13T04:38:28.751Z] 04:38:28 INFO - 398 INFO TEST-OK | toolkit/components/passwordmgr/test/mochitest/test_password_length.html | took 18509ms
[task 2019-04-13T04:38:28.751Z] 04:38:28 INFO - 399 INFO TEST-START | Shutdown
[task 2019-04-13T04:38:28.751Z] 04:38:28 INFO - 400 INFO Passed: 12
[task 2019-04-13T04:38:28.752Z] 04:38:28 INFO - 401 INFO Failed: 0
[task 2019-04-13T04:38:28.752Z] 04:38:28 INFO - 402 INFO Todo: 0
[task 2019-04-13T04:38:28.752Z] 04:38:28 INFO - 403 INFO Mode: non-e10s
[task 2019-04-13T04:38:28.752Z] 04:38:28 INFO - 404 INFO Slowest: 18490ms - /tests/toolkit/components/passwordmgr/test/mochitest/test_password_length.html
[task 2019-04-13T04:38:28.752Z] 04:38:28 INFO - 405 INFO SimpleTest FINISHED
[task 2019-04-13T04:38:34.015Z] 04:38:34 INFO - Failed to get top activity, retrying, once...
[task 2019-04-13T04:40:32.011Z] 04:40:32 INFO - 406 INFO TEST-UNEXPECTED-FAIL | unknown test url | uncaught exception - TypeError: SimpleTest.harnessParameters is undefined at SimpleTest_setTimeoutShim@
[task 2019-04-13T04:40:32.012Z] 04:40:32 INFO - add_task@
[task 2019-04-13T04:40:32.012Z] 04:40:32 INFO - @
[task 2019-04-13T04:40:32.012Z] 04:40:32 INFO - simpletestOnerror@
[task 2019-04-13T04:40:40.021Z] 04:40:40 INFO - 407 INFO TEST-UNEXPECTED-FAIL | | /tests/toolkit/components/passwordmgr/test/mochitest/test_password_length.html - finished in a non-clean fashion, probably because it didn't call SimpleTest.finish()
[task 2019-04-13T04:40:40.021Z] 04:40:40 INFO - {u'loaded_test_url': u'/tests/toolkit/components/passwordmgr/test/mochitest/test_password_length.html'}
[task 2019-04-13T04:40:40.022Z] 04:40:40 INFO - 408 INFO TEST-UNEXPECTED-ERROR | | Finished in 18169ms
[task 2019-04-13T04:40:40.022Z] 04:40:40 INFO - {u'runtime': 18169}
[task 2019-04-13T04:40:40.022Z] 04:40:40 INFO - TEST-INFO

Flags: needinfo?(sfoster)
Pushed by
use a minPasswordLength rather than skipEmptyFields property when collecting password fields. r=jaws

Thanks for the backout :ccoroiu, I thought I had checked this against android but it looks like my try run only ran xpcshell tests so I missed this. The test is skipped for android in the latest push.

Flags: needinfo?(sfoster)
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla68
Pushed by
Follow-up to properly clear the password field in the doorhanger. r=intermittent
Resolution: FIXED → ---
Closed: 2 years ago2 years ago
Flags: needinfo?(sfoster)
Resolution: --- → FIXED

I have used the test case from comment 1:

  • Affected (Nightly v68.0a1 from 2019-04-08):
    The password manager pop-up to save the credentials would not appear at all.

  • Fixed (Nightly v68.0a1 from 2019-04-23):
    The password manager prompt to save password will appear for the "actual-username" username only.

I have also tested a different test case (

  • Affected (Nightly v68.0a1 from 2019-04-08):
    When attempting to save a random username and a 1-letter password, the password manager prompt would appear and allow you to save a 1-letter password.
  • Fixed (Nightly v68.0a1 from 2019-04-23):
    When attempting to save a random username and a 1-letter password, the password manager prompt would NOT appear at all.

Does this test suffice to verify this bug? If not, please provide some extra steps to verify. Thanks!

Flags: needinfo?(MattN+bmo)

That sounds great

Flags: needinfo?(MattN+bmo) → qe-verify+
You need to log in before you can comment on or make changes to this bug.