Logins not filled in on XML+XSLT page

REOPENED
Unassigned

Status

()

Toolkit
Password Manager
REOPENED
11 years ago
3 years ago

People

(Reporter: Ulrich Voigt, Unassigned)

Tracking

({regression, testcase})

1.8 Branch
x86
Windows XP
regression, testcase
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(6 attachments, 1 obsolete attachment)

(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20060918 Firefox/2.0
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20060918 Firefox/2.0

The password manager does not fill the login information on the site http://bananabay.feenix.de/Login.php. It prompts for the master password after the login button has been pressed. But obviously this is too late. 

This is a regression for Firefox2.0. Firefox 1.5.0.x works fine and fills in the login information.

Reproducible: Always

Steps to Reproduce:
1. Open http://bananabay.feenix.de/Login.php
2. Fill in any login (e.g. user abc password defghij)
3. Save the password with the password manager
4. Close and reopen Firefox (2.0)
5. Open http://bananabay.feenix.de/Login.php again

Actual Results:  
The login information is not prefilled. The password manager asks for its master password not until the login button is pressed.

Expected Results:  
The password manager asks for the master password just after the page has been loaded and prefills the login information.

This is a regression for Firefox2.0. 
Firefox 1.5.0.x works fine.
(Reporter)

Updated

11 years ago
Keywords: regression
(Reporter)

Updated

11 years ago
Version: unspecified → 2.0 Branch

Updated

11 years ago
Keywords: qawanted

Comment 1

11 years ago
this causes us to have to type the password 2 or more times....while many times everything hangs because of it.  Tried to disable the master password and because of FIPS can't.  Found some info but I am not that experienced and dont understand how to disable it.  Today I had to type password 3 or 4 times before getting into the browser
(Reporter)

Comment 2

11 years ago
Anyone out there who can confirm this bug? FF2.0 is not far away and I fear that this bug does not only occur on the example site.

Comment 3

11 years ago
> Anyone out there who can confirm this bug? FF2.0 is not far away and I fear
> that this bug does not only occur on the example site.
> 

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0
Similar here. 
Password manager popped up the first time asking me if I'd like to remember, which I did. It *never* reappeared, not even when i clicked the button. Tried at least 5 times. I removed the password from the manager and tried again, exactly the same (asks to remember 1st time, never reappears).
My passwords are being saved at other sites. 

Updated

11 years ago
Blocks: 382734
I just tested this on 2.0.0.4.  While you are logging in at http://bananabay.feenix.de/Login.php it redirects to http://bananabay.ageofpirates.de/Login.php and the actual URL that is saved in password manager is http://bananabay.ageofpirates.de.

Since password manager doesnt have a password saved for the URL you are redirected to, it does not fill in login information.
Hmm, the redirect seems unrelated... The feenix.de -> aop.de redirect seems to happen before the page loads.

My trunk build isn't showing any signs of looking for forms on the page, and it looks like the actual page is XML with an XSLT transformation... There's code in pwmgr to ignore non-HTML pages, so that's probably getting triggered here. I'll need to take another look to see if the content-type detection needs fixed (which wouldn't surprise me, although it's already a bit too permissive), or if this is a case we don't want to support.
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true

Updated

11 years ago
Assignee: nobody → dolske
Status: ASSIGNED → NEW

Updated

10 years ago
Summary: Password manager prompts for master password after login to an already known site → Logins not filled in on XML+XSLT page

Comment 6

10 years ago
Created attachment 297699 [details]
xsl template for simplified test case

Comment 7

10 years ago
Created attachment 297700 [details]
xsl template for simplified test case

Updated

10 years ago
Attachment #297700 - Attachment is obsolete: true

Comment 8

10 years ago
Created attachment 297701 [details]
xml launcher for simplified test case

Comment 9

10 years ago
Created attachment 297702 [details]
html comparison test case

Comment 10

10 years ago
Added simplified test case.

STR:
1. Open "xml launcher for simplified test case"
2. Enter a username and password into text fields and submit
3. Click the option for minefield to remember the password (ignore the 404 error)
4. Open options->security->show password, note that the user/pass combo is stored in the manager
5. Open "xml launcher for simplified test case" a second time
6. Focus on username field and press down error to select the username entered in step 2 and press tab to autocomplete (note that password is not filled)
7. Open "html comparison test case"
8. Repeat step 6 (note password is filled)

Happy Hunting, sounds Justin already has a good lead on how to fix this.  Although I would note the original url submitted that exhibited problem was abusing this technique to have a nice keyword laden spam page source and then switch it out for the real page.

Comment 11

10 years ago
Sorry forgot to mention what I was performing the STRs on:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9b3pre) Gecko/2008011704 Minefield/3.0b3pre

Updated

10 years ago
Keywords: testcase
(Assignee)

Updated

10 years ago
Product: Firefox → Toolkit
Assignee: dolske → nobody

Comment 12

8 years ago
I'm experiencing this at my online banking site:

https://remote.bank.allianz.bg/EBank/

using Firefox 3.5.5 and SeaMonkey 2.0 (was working just fine with SeaMonkey 1.1) on Windows XP.  Shouldn't someone confirm this after all this time?
This bug's state is "NEW" which means it's confirmed (otherwise it would be "UNCONFIRMED"). Yes, we know that's confusing for older bugs. :)

SeaMonkey switched to the new login manager code for Seamonkey 2.0, which is probably why it stopped working for you.

Updated

7 years ago
Duplicate of this bug: 125166

Comment 15

7 years ago
Could this be related to Bug 355063 Comment 3?

Comment 16

6 years ago
The more likely cause for this issue appears Bug 325891.

Updated

6 years ago
Duplicate of this bug: 736865

Comment 18

4 years ago
Can anyone still reproduce this issue on current Firefox versions?

Please only re-add the keyword if you have a specific request for qa and mention that request in a comment.
Keywords: qawanted

Comment 19

4 years ago
I just tried this on my own websites which suffered from this bug years ago with Firefox as they use client side XSL to generate the login pages and in Firefox 26 it appears to work for both autosaving passwords and autofilling passwords.

Comment 20

4 years ago
Thanks Jan!

If anyone can still reproduce this issue, please reopen it and give all the appropriate details.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME

Comment 21

3 years ago
Created attachment 8468379 [details]
XSLT sheet 2

Comment 22

3 years ago
Created attachment 8468384 [details]
XML source 2

Uses the "XSLT sheet 2" attachment 8468379 [details].

Comment 23

3 years ago
Using Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0 (but observing the same already when comment 19 reported it as "worksforme"):

1. Open "XML source 2" attachment 8468384 [details];
2. Enter some user name and password, and submit;
3. Choose to save the password;
4. Open "XML source 2" attachment 8468384 [details], again;
5. Double click the user name field, or start typing the user name;
6. Auto-complete the user name from the drop-down which should appear.

Actual results:

The password is not filled-in automatically.

Expected results:

The password should be filled-in automatically, upon completing the user name.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---

Comment 24

3 years ago
Created attachment 8468386 [details]
pmgr-tests.zip

A login suite I'm using to observe various password manager behavior, including this one.  So far this is the only one left which doesn't work as expected.

Comment 25

3 years ago
My steps to reproduce appear incomplete.  The problem is observed when there are more than one set of credentials remembered for the domain.  If only one login remembered – it appears pre-filled already when then page is opened.
You need to log in before you can comment on or make changes to this bug.