Add a policy for DisablePasswordReveal
Categories
(Firefox :: Enterprise Policies, enhancement, P3)
Tracking
()
People
(Reporter: mkaply, Assigned: mkaply)
Details
Attachments
(4 files, 1 obsolete file)
So apparently some enterprises have policies against viewing passwords on screen.
Internet Explorer has a policy for this:
DisablePasswordReveal
It just removes the ability to show the password.
We should add that for the new about:logins.
We'll need a separate patch for ESR68 for the old dialog.
Assignee | ||
Comment 1•6 years ago
|
||
jaws:
Can you offer any advice on why this doesn't work? in particular, I get:
JavaScript error: chrome://browser/content/aboutlogins/components/login-item.js, line 191: TypeError: window.AboutLoginsUtils is undefined
When I go to about:logins. I see window.AboutLoginsUtils used elsewhere in this file and in login-list.js it's used during render.
Sorry it's not in phabricator. Have too many changesets right now.
Thanks!
Assignee | ||
Updated•6 years ago
|
Comment 2•6 years ago
|
||
Assignee | ||
Comment 3•6 years ago
|
||
Comment 5•6 years ago
|
||
Backed out changeset 479097530e46 (bug 1586913) for failing at test_login_item.html on a CLOSED TREE.
Backout link: https://hg.mozilla.org/integration/autoland/rev/b40d7c3da6f9a99285901732fc720ef4355dc117
Log link: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=270524002&repo=autoland&lineNumber=1494
Log snippet:
[task 2019-10-09T17:37:12.200Z] 17:37:12 INFO - add_task | Leaving test test_edit_login
[task 2019-10-09T17:37:12.200Z] 17:37:12 INFO - add_task | Entering test test_edit_login_cancel
[task 2019-10-09T17:37:12.200Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | loginItem should be in 'edit' mode
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | loginItem should not be in 'isNewLogin' mode
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | loginItem should not be in 'edit' mode
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | loginItem should not be in 'isNewLogin' mode
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - add_task | Leaving test test_edit_login_cancel
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - add_task | Entering test test_reveal_password_change_selected_login
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | reveal-checkbox should not be checked by default
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | Password should be masked by default
[task 2019-10-09T17:37:12.201Z] 17:37:12 INFO - TEST-PASS | browser/components/aboutlogins/tests/chrome/test_login_item.html | reveal-checkbox should be checked after clicking
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - Buffered messages finished
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - TEST-UNEXPECTED-FAIL | browser/components/aboutlogins/tests/chrome/test_login_item.html | waiting for password input type to change after checking for master password
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - SimpleTest.ok@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:277:18
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - SimpleTest.waitForCondition/interval<@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1045:9
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - setInterval handlerSimpleTest.waitForCondition@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1043:29
[task 2019-10-09T17:37:12.207Z] 17:37:12 INFO - SimpleTest.promiseWaitForCondition/<@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1065:10
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - SimpleTest.promiseWaitForCondition@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1064:10
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - test_reveal_password_change_selected_login@chrome://mochitests/content/chrome/browser/components/aboutlogins/tests/chrome/test_login_item.html:233:20
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - nextTick/<@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1795:34
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - asyncnextTick@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1811:11
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - setTimeout handler*SimpleTest_setTimeoutShim@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:686:43
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - add_task@chrome://mochikit/content/tests/SimpleTest/SimpleTest.js:1755:17
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - @chrome://mochitests/content/chrome/browser/components/aboutlogins/tests/chrome/test_login_item.html:58:9
[task 2019-10-09T17:37:12.208Z] 17:37:12 INFO - Not taking screenshot here: see the one that was previously logged
Assignee | ||
Comment 6•6 years ago
|
||
Needed an explicit === check for false to account for possibility of undefined.
Assignee | ||
Comment 8•6 years ago
|
||
Comment 9•6 years ago
|
||
bugherder |
Updated•6 years ago
|
Assignee | ||
Comment 10•6 years ago
|
||
Assignee | ||
Comment 11•6 years ago
|
||
Comment on attachment 9110037 [details]
Bug 1586913 - Add policy for DisablePasswordReveal.
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Policy specific, adds import policy for passwords
This is an ESR only version of patch. - User impact if declined: Admins unable to prevent viewing passwords
- Fix Landed on Version: 71 (71 specific)
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Policy only.
- String or UUID changes made by this patch: Yes, accepted by l10n
Assignee | ||
Updated•6 years ago
|
Updated•6 years ago
|
Comment 12•6 years ago
|
||
Hello,
Confirming this issue as verified fixed on 72.0a1 (2019-11-20) and 71.0b11 . Verified using Windows 10x64 , Ubuntu 18.04 and macOS 10.14.6.
Updated•6 years ago
|
Comment 13•6 years ago
|
||
Comment on attachment 9110037 [details]
Bug 1586913 - Add policy for DisablePasswordReveal.
Fix for enterprise policies, verified in beta, OK for uplift for 68.3esr.
Updated•6 years ago
|
Updated•6 years ago
|
Comment 14•6 years ago
|
||
bugherder uplift |
Assignee | ||
Comment 15•6 years ago
|
||
Comment 16•6 years ago
|
||
Comment 17•6 years ago
|
||
bugherder |
Comment 18•6 years ago
|
||
Hello ,
Confirming this issue as verified fixed on 68.3.0esr (BuildID:20191126000427). Verified using Windows 10x64 ,macOS 10.15 and Ubuntu 18.04.
Description
•