Closed
Bug 181873
Opened 22 years ago
Closed 22 years ago
Unable to login to excite because the password gets mangled by mozilla during the POST.
Categories
(Core :: DOM: Core & HTML, defect)
RESOLVED
DUPLICATE
of bug 121115
People
(Reporter: rf358197, Assigned: alexsavulov)
Attachments
(2 files)
User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux alpha; U;) Gecko/20020502
Build Identifier: Mozilla/5.0 Galeon/1.2.0 (X11; Linux alpha; U;) Gecko/20020502
A packet capture of the POST to the excite page reveals that the password gets
changed to password=xxxxxxxxxxxxx in the reply string regardless of what is
entered in the form. The POST action should submit the correct password in
plaintext, i.e. password=CorrectPassword. This happens with Mozilla and with
Galeon but not Netscape, and only on the DEC platform.
Reproducible: Always
Steps to Reproduce:
1. Fill out excite login form.
2. Submit the form.
Actual Results:
Excite says that you have submitted an invalid password, which is true because
mozilla has replaced the password you type with a series of 'x' characters.
Expected Results:
Submitted the password and loaded the page.
This is the output from a successful login from netscape 4 as captured from
ethereal (the password has been changed by me to protect the account).
------ B E G I N -----
POST /excitereg/login_process.jsp HTTP/1.0
Referer: http://registration.excite.com/excitereg/login.jsp?ref=email&return_url=http://email.excite.com
Connection: Keep-Alive
User-Agent: Mozilla/4.78 [en] (X11; U; Linux 2.4.9-32.5 alpha)
Host: registration.excite.com
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
Accept-Encoding: gzip
Accept-Language: en
Accept-Charset: iso-8859-1,*,utf-8
Cookie: uu=i=68.64.68.177-1035067923161MJ; acceptsCookies=yes
Content-type: application/x-www-form-urlencoded
Content-length: 206
return_url=http%3A%2F%2Femail.excite.com&snonce=cDKgO1rUu%2B9bfjfwYC7M3w%3D%3D&stime=3de268fa&timeskew=20&crep=A3Dw3gpAQ4yHpA%3D%3D&jerror=none&membername=johntabularasa&password=correctpassword&gofer=Sign+In%21
HTTP/1.1 302 Found
Date: Mon, 25 Nov 2002 18:16:47 GMT
Server: Apache/1.3.20 (Unix) Resin/1.2.1
Pragma: no-cache
Cache-control: max-age=0, must-revalidate
Expires: Sat 02 Apr 1977 17:15:00 GMT
Location: http://email.excite.com
Content-Length: 61
Set-Cookie: user_num=11709584; Domain=.excite.com; Path=/; Expires=Sun, 18-Nov-2012 14:16:47 GMT
Set-Cookie: user_nme=johntabularasa; Domain=.excite.com; Path=/; Expires=Sun, 18-Nov-2012 14:16:47 GMT
Set-Cookie: fname=John; Domain=.excite.com; Path=/; Expires=Sun, 18-Nov-2012 14:16:47 GMT
Set-Cookie: P=V=x1.0&zip=45701&Q=244&s=OH&b=269841600000&GR=Hi+John%21&H=Aries&EM=1&EMN=0&UH=1884970512; Domain=.excite.com; Path=/; Expires=Sun, 18-Nov-2012 14:16:47 GMT
Set-Cookie: XUID=; Domain=.excite.com; Path=/; Expires=Thu, 01-Dec-1994 16:00:00 GMT
Set-Cookie: EDH_P=; Domain=.excite.com; Path=/; Expires=Thu, 01-Dec-1994 16:00:00 GMT
Set-Cookie: CMP_M=; Domain=.excite.com; Path=/; Expires=Thu, 01-Dec-1994 16:00:00 GMT
Set-Cookie: FERNT=; Domain=.excite.com; Path=/; Expires=Thu, 01-Dec-1994 16:00:00 GMT
Connection: close
Content-Type: text/html
The URL has moved <a href="http://email.excite.com">here</a>
------ E N D -------
The following shows an incorrect login as captured by ethereal where mozilla has
mangled the correctpassword into a string of 'x' characters?
-------- B E G I N B A D E X A M P L E -------
POST /excitereg/login_process.jsp HTTP/1.1
Host: registration.excite.com
User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux alpha; U;) Gecko/20020502
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q=0.1
Accept-Language: en-us, en;q=0.50
Accept-Encoding: gzip, deflate, compress;q=0.9
Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
Keep-Alive: 300
Connection: keep-alive
Cookie: uu=i=68.64.68.20-1038242620315MJ; acceptsCookies=yes
Referer: http://registration.excite.com/excitereg/login.jsp?ref=email&return_url=http://email.excite.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 190
return_url=http%3A%2F%2Femail.excite.com&snonce=tiBiDHfywX6HK8qOER2s7Q%3D%3D&stime=3de26703&timeskew=23&crep=%3D%3D&jerror=none&membername=johntabularasa&password=xxxxxxxxxx&gofer=Sign+In%21
HTTP/1.1 302 Found
Date: Mon, 25 Nov 2002 18:08:51 GMT
Server: Apache/1.3.20 (Unix) Resin/1.2.1
Pragma: no-cache
Cache-control: max-age=0, must-revalidate
Expires: Sat 02 Apr 1977 17:15:00 GMT
Location: http://registration.excite.com/excitereg/login.jsp?err=-1&return_url=http%3A%2F%2Femail.excite.com
Content-Length: 136
Connection: close
Content-Type: text/html
The URL has moved <a href="http://registration.excite.com/excitereg/login.jsp?err=-1&return_url=http%3A%2F%2Femail.excite.com">here</a>
------- END- --------
Reporter
Comment 1•22 years ago
Reporter
Comment 2•22 years ago
Assignee
Comment 3•22 years ago
Russell,
this is a very difficult problem to solve since i don't have a DEC to build and
test. have you tested on other platforms than DEC and it works? i don't think is
the password manager that interferes, but is something that has to do with the
form controls and their widgets. is the number of x's equal the number of chars
in your password? if yes, then is a form control/widget problem. the form
submission code does not contain code that would manipulate values that way.
i'll see if i can get hold of someone that can test this on a DEC machine. thx
for the detailed report!
Comment 4•22 years ago
dupe of "cannot login to Yahoo! mail when JavaScript enabled"
(see bug 119952 for the excite version)
this is a gcc bug (see original for all the details).
The password is actually supposed to be sent out in encrypted form in the "crep"
field. Mozilla/Linux/Alpha screws up the encryption. The submitted "password"
is *supposed* to be "xxxxxxxxxx".
The fact that NS4 is sending the password as plaintext seems really scary!
*** This bug has been marked as a duplicate of 121115 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Updated•6 years ago
Component: HTML: Form Submission → DOM: Core & HTML
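The difference Comment 4 points out between the two captures can be checked mechanically. The following is an added example, not part of the bug thread or of Mozilla's code: it parses the two form bodies from the captures above and reports whether the password field carries plaintext, or the 'x' placeholder with an empty or non-empty "crep". Treating "crep" as base64 (inferred from its "==" padding) and an all-'x' password as the placeholder are assumptions; the function names are hypothetical.

```python
import base64
import binascii
from urllib.parse import parse_qs

# Form bodies copied from the two captures on this page ("timeskew" spelling repaired).
NS4_BODY = ("return_url=http%3A%2F%2Femail.excite.com"
            "&snonce=cDKgO1rUu%2B9bfjfwYC7M3w%3D%3D&stime=3de268fa&timeskew=20"
            "&crep=A3Dw3gpAQ4yHpA%3D%3D&jerror=none&membername=johntabularasa"
            "&password=correctpassword&gofer=Sign+In%21")
GECKO_ALPHA_BODY = ("return_url=http%3A%2F%2Femail.excite.com"
                    "&snonce=tiBiDHfywX6HK8qOER2s7Q%3D%3D&stime=3de26703&timeskew=23"
                    "&crep=%3D%3D&jerror=none&membername=johntabularasa"
                    "&password=xxxxxxxxxx&gofer=Sign+In%21")
# Constructed sample: the placeholder password together with a non-empty crep,
# which is the shape Comment 4 describes as intended.
EXPECTED_BODY = GECKO_ALPHA_BODY.replace("crep=%3D%3D", "crep=A3Dw3gpAQ4yHpA%3D%3D")


def crep_byte_count(value):
    """Number of bytes in crep once decoded, assuming it is base64."""
    core = value.rstrip("=")
    if not core:                      # only padding: nothing was encoded
        return 0
    try:
        return len(base64.b64decode(core + "=" * (-len(core) % 4)))
    except (binascii.Error, ValueError):
        return 0                      # undecodable value counts as no payload


def classify_login_body(body):
    """Label a captured login POST body by how the credential travels."""
    fields = parse_qs(body, keep_blank_values=True)
    password = fields.get("password", [""])[0]
    crep = fields.get("crep", [""])[0]
    if not password:
        return "no-password"
    if set(password) != {"x"}:        # assumption: all-'x' is the placeholder
        return "plaintext-password"
    if crep_byte_count(crep) == 0:
        return "empty-crep"           # placeholder sent, but encryption yielded nothing
    return "masked-with-crep"


if __name__ == "__main__":
    for name, body in [("Netscape 4", NS4_BODY), ("Gecko/Alpha", GECKO_ALPHA_BODY),
                       ("expected", EXPECTED_BODY)]:
        print(f"{name}: {classify_login_body(body)}")
```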