Closed Bug 327977 Opened 16 years ago Closed 13 years ago

Password manager overwrites page data for password-only forms

Categories

(Toolkit :: Password Manager, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla1.9.1a1

People

(Reporter: philor, Assigned: Dolske)

Details

Attachments

(1 file)

Bug 235336 added remembering a password without a username, but that means we now have to consider the bug 270558 problem of overwriting data filled by the page for forms with just a password, without a reasonable solution I can see: right now, we overwrite whatever the page filled with our saved password, which will sometimes be right and sometimes wrong, but not overwriting would also sometimes be wrong, and we can't just attach an autocomplete widget that would offer to fill in "*******".

I'd just wontfix myself, but I'm hoping there's a solution I can't think of right now.
Are there sites or scenarios in which this matters? I can't think of any...
It's certainly possible to contrive one; I expect we'll find out whether or not anyone's been quite that odd once we actually ship something with the fix for bug 235336.
Attached patch Patch v.1Splinter Review
Assignee: nobody → dolske
Status: NEW → ASSIGNED
Attachment #329272 - Flags: review?(gavin.sharp)
Target Milestone: --- → Firefox 3.1a1
Comment on attachment 329272 [details] [diff] [review]
Patch v.1

>diff --git a/toolkit/components/passwordmgr/test/test_basic_form_1pw.html b/toolkit/components/passwordmgr/test/test_basic_form_1pw.html

> function startTest() {

>     todo(false, "Don't clobber prefilled differing password");
>     //for (f = 15;   f <= 18;  f++) { checkUnmodifiedForm(f); }
>     for (f = 19;  f <= 26;  f++) { checkForm(f, "testuser", "testpass"); }
>     todo(false, "Don't clobber prefilled differing password");
>     //for (f = 27;  f <= 30;  f++) { checkUnmodifiedForm(f); }

What about these?
Attachment #329272 - Flags: review?(gavin.sharp) → review+
(In reply to comment #4)

> What about these?

Those tests are checking for if we overwrite page data on username+password forms, which we currently do. The patch in bug 444515 will address that (and I guess enable these tests :)
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
(Pushed in changeset 00f2aeb4b581)
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.