271056 - Undo (Ctrl+Z) in password fields seemingly works, but actually retains the pre-undo value

Status: VERIFIED WORKSFORME

(Toolkit :: Password Manager, defect)

Description

[Prognathous]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.4) Gecko/20041011
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.4) Gecko/20041011

This problem effects both Firefox and Seamonkey (trunk and latest branches), and
is not site-specific.

Reproducible: Always
Steps to Reproduce:
1. Open a Login page (e.g. http://login.passport.net/uilogin.srf?id=2 - you
don't need a Hotmail account)
2. Type anything (e.g. username@hotmail.com) under the E-mail Address field
3. Under Password, type anything (e.g. 1234567)
4. Hold the Backspace key to delete the typed password
5. Press Ctrl+Z to undo the deletion -> the password asterisks will re-appear
6. Click Login

Actual Results:  
A message will display "Please type your password", as if a blank password was
sent (this hints that Undo didn't restore the original buffer).


Expected Results:  
The original password (prior to deletion) should be sent, and if it's correct,
should be accepted.

You can verify this in problem with other password fields, not just Hotmail's
Login screen.

Prog.

Comment 1

[Paul van Schayck]

Made a simplified testcase with PHP:
http://www.meosource.com/firefox/password.php

And also seeing it with
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041109 Firefox/1.0

Comment 2

[Prognathous]

The same problem also appears in Firefox/OS X. Moreover, Context Menu -> Undo
has the same effect as Accel+Z.

Prog.

Comment 3

[Andrew Schultz]

I can reproduce this with Mozilla 1.8a5 (around the date this was filed), but
bug 271154 disabled undo in password fields, so this is no longer an issue.

Comment 4

[Greg K.]

Verified, but invalid rather than WFM since undo no longer works in password fields per comment 3.