Closed
Bug 378378
Opened 17 years ago
Closed 14 years ago
password manager stores unnecessary info and creates multiple login records
Categories
(SeaMonkey :: Passwords & Permissions, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: lmironov, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2) Gecko/20070222 SeaMonkey/1.1.1 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2) Gecko/20070222 SeaMonkey/1.1.1 For web pages where a single form is used both for authentication and data entry password manager stores all available form fields which causes the following problems: 1. Every change of each field causes password manager to create a new record for the site. URL mentioned in this bug report posts messages to a web board (note: it is in Russian). Post 10 messages with 10 different subjects and you'll get 10 password manager records for the same site with identical login and password. Every time you visit this page Mozilla will prompt you to select one of 10 password manager records. 2. Password manager saves and restores form data unrelated to passwords, in this example - message subjects and urls - a 'dynamic' data which changes with every message. Restoring it in new messages is at best useless and at worst can be embarrassing or even harmful. Restoring form data other than passwords is the function of the form manager, not of the password manager (BTW turning form manager on or off does not affect the occurrence of this bug) Mozilla 1.1 for OS/2 is also affected. Below is a section of my password file - all form data is stored there, not just login and password. http://garusev.df.ru login xxx *pass xxx email xxx subj xxx url xxx urltitle xxx img xxx . Reproducible: Always Steps to Reproduce: prerequisites: password manager should be on (privacy and security-password-remember passwords), no records for http://garusev.df.ru should be present in the password manager file 1. go to http://garusev.df.ru/cgi-bin/wtboard.cgi?fid=0&root=on 2. post a message with subject1, confirm storing password 3. go to http://garusev.df.ru/cgi-bin/wtboard.cgi?fid=0&root=on 4. post a message with subject2 5. go to http://garusev.df.ru/cgi-bin/wtboard.cgi?fid=0&root=on again Actual Results: a dialog box prompting to select on of the two logins pops up, selecting 1st or 2nd restores not just login and password bu also message subject to subject1 or subject2 respectively. Checking password manager reveals that two records for the same site have been created Expected Results: no dialog box, login and password are restored, message subject and all other fields except login and password are not restored, only one password manager record is created
Comment 1•17 years ago
|
||
Suite-only, Firefox's password manager handles this correctly.
Assignee: dveditz → nobody
Comment 2•16 years ago
|
||
Can you reproduce with SeaMonkey v1.1.9 ?
Version: unspecified → SeaMonkey 1.1 Branch
Oh YES, and it is quite annoying. There are more sites which have extra form fields on login screen e.g. http://thebox.bz - login, password and captcha,
Comment 4•14 years ago
|
||
Based on comment 1 this bug is invalidated by the move to the new toolkit forms-history manager (also used by Firefox) in SeaMonkey 2.0
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•