Closed
Bug 298818
Opened 20 years ago
Closed 18 years ago
Blank username and password not remembered
Categories
(Toolkit :: Password Manager, defect)
Toolkit
Password Manager
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: a.c.li, Unassigned)
Details
(Keywords: helpwanted)
Attachments
(1 file)
|
58.57 KB,
application/octet-stream
|
Details |
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050517 Firefox/1.0.4 StumbleUpon/1.9993 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050517 Firefox/1.0.4 StumbleUpon/1.9993 If a site requires blank username and blank password (in wget parlance, --username '' --paswd ''), Firefox will bring up the password manager and offer to remember the password. But it will not remember the password, and if the site has many images or has frames, the user will need to click the "OK" dozens of times before the web page fully loads. Once a web page is loaded, clicking a link may or may not result in Firefox bringing up the Password Manager screen again. Reproducible: Always Steps to Reproduce: 1.Configure or find a web site that requires blank username and blank password, preferably with lots of images, css, frames etc. 2.Try to load the page Actual Results: Firefox will ask you forever to enter the username and password (which are blank) and offers to remember them, but never does Expected Results: It should remember the blank password and blank username. Blank is not equal to undefined. It should only not remember when username and password are not required (i.e., undef), not when they are blank (i.e., "") This is not a duplicate of bug 217439, which is the opposite problem.
|
Reporter | |
Updated•20 years ago
|
Version: unspecified → 1.0 Branch
Related to Thunderbird bug 278454 and Suite (Mail) bug 73931?
|
||
Comment 2•19 years ago
|
||
Ambrose - your reported Firefox version(s) are too old a build to analyze bugs against now. The problem you are reporting may well have been fixed already. Could you please download a recent version or nightly build from <http://www.mozilla.org/releases/nightly.html>, and then let us know if you still see this problem? Many thanks, Cigno
|
|
Reporter | |
Comment 3•19 years ago
|
||
It will take some time for me to rebuild Firefox on my Linux environment (it's just slightly old enought that the prebuilt binaries won't run). But in the meantime I can confirm that the problem is still present in the MacOSX build of Firefox 1.5.
OS: Linux → MacOS X
Version: 1.0 Branch → 1.5 Branch
|
|
Reporter | |
Comment 4•19 years ago
|
||
Sorry for the delay. I just finished compiling and installing a copy of Firefox 1.5.0.1 "Deer Park". I can confirm that the problem still exists. The problem also exists with the prebuilt copy of Windows Firefox 1.5.0.1 I got. I am changing both Platform and OS to All, as I am seeing this on Linux, Windows, and MacOSX.
OS: MacOS X → All
Hardware: PC → All
Contains suggested code for updating the password manager to store blank passwords on form submission
I think part, if not all of the problem lies within nsPasswordManager.cpp... If you notice the following block in the nsPasswordManager::Notify method: passFields.ObjectAt(0)->GetValue(passValue); passFields.ObjectAt(0)->GetName(passFieldName); // If the password is empty, there is no reason to store this login. if (passValue.IsEmpty()) return NS_OK; The code is basically saying "No password, no storage" and I think that's causing the main problem. However, I do believe the user should supply at least a username in order to be stored in the password list. In reality, we're dealing with just name and values, so how would you represent the "null" uname/pwd and not apply it to every site? My suggestion would be in the attached code starting on line 1126.
I suggest that the version be changed to Trunk... It's not exclusive to any one branch.
|
|
||
Updated•19 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Version: 1.5.0.x Branch → Trunk
|
|
||
Updated•18 years ago
|
Keywords: helpwanted
|
||
Comment 8•18 years ago
|
||
I don't see a compelling argument for storing blank usernames/passwords. It would just lead to greater confusion, since any form with a password field would be a potential blank login. This would just result in needlessly asking users to save a bogus login. Nor do I see why you're want to store these logins in pwmgr, since the default authentication fields would already be blank.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → WONTFIX
(In reply to comment #8) > I don't see a compelling argument for storing blank usernames/passwords. It > would just lead to greater confusion, since any form with a password field > would be a potential blank login. This would just result in needlessly asking > users to save a bogus login. Nor do I see why you're want to store these logins > in pwmgr, since the default authentication fields would already be blank. I am not advocating storage of blank usernames. I just think that in some scenarios a blank password is a legitimate value (not that I'd say it's right) and pwmgr should treat it the same as a regular set of credentials. What's the difference between the following fields if a web site accepts them as valid logins: UserName Pwd -------- --- steve 12345 steve <null or blank> The answer in my mind is nothing as an empty password is a value. Therefore, pwmgr should offer the user the same kind of convenience.
|
Assignee | |
Updated•16 years ago
|
Product: Firefox → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•