Closed Bug 423337 Opened 17 years ago Closed 17 years ago

Camino does not save password

Categories

(Camino Graveyard :: General, defect)

Product:
Camino Graveyard
Component:
General
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED INVALID

People

(Reporter: smachol, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.12) Gecko/20080206 Camino/1.5.5 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.12) Gecko/20080206 Camino/1.5.5 All of a sudden Camino stopped saving the username an password for many sites, including the one above. I completely deleted the records from keychain access but Camino will not ask to remember the login info and does not sav it Reproducible: Always Steps to Reproduce: 1. I cannot give you my Paypal password for obvious reasons. The point is that this was working for several months, now it stopped. 2. 3. Actual Results: Camino does not sae or ask to sae he login info. Expected Results: It should save it.
Paypal explicitly disables password autofilling using the autocomplete="off" attribute on the login form. They apparently believe making you remember and type your password every time is a security feature.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → INVALID
See this article for details: http://kb.mozillazine.org/Wallet.crypto.autocompleteoverride None of the Mozilla browsers ship with this preference on by default because many banks (and PayPal) believe it to be a security risk and will block browsers that default to having it on.
Status: RESOLVED → VERIFIED
With all due respect I wish you would have read what I actually posted. First, this WAS working for many months. It stopped today. Second, this still DOES work with IE in Windows and with Safari and Firefox the username is saved, although not the password. It is only Camino that is broken and won't even remember the name. And finally those two facts are in direct contradiction with your claim about Paypal. So can someone please explain to me why this was woking for 3 month with Camino, then suddenly stopped. Unless you choose to believe (wrongly) that either I am either lying or delusional, then there has to be another explanation. I would greatey appreciate someone taking this a little more seriously.
Status: VERIFIED → UNCONFIRMED
Resolution: INVALID → ---
Both the title and the description of this bug describe a failure to save the password for this site, which is what both people who looked at this bug are discussing, so clearly your report was in fact read. The fact that the *username* is stored in other browsers is completely unrelated to the password manager and the opt-out attribute for the form; that would be something being done by paypal.com itself through a cookie. If you check your cookie settings for paypal.com and make sure you are accepting all of them, and you still get different behavior for the username, then you can file that specifically as a new bug, because it's not related to the password storage system at all. Nobody said that you are either lying or delusional, or contradicted anything you said. One obvious possibility is that the site just changed, and didn't used to have autocomplete="off" on the form. The bottom line is that the site currently has autocomplete="off" set on the login form (regardless of what might have been true for the last three months), which is easily verifiable. That means that the behavior you are seeing now is correct for the current page source, and the bug is therefore INVALID.
Severity: major → normal
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago17 years ago
Resolution: --- → INVALID
Camino does not prompt me to save my passwords for certain sites even though I set the wallet.crypto.autocompleteoverride to true.
Whatever you are seeing is unrelated to this bug then, and you should file a new bug with specific examples and clear steps to reproduce.
You said: "Paypal explicitly disables password autofilling using the autocomplete="off" attribute on the login form. They apparently believe making you remember and type your password every time is a security feature." You are wrong by the way. The passwords are saved with FireFox and IE on the PayPal site just fine. It's only Camino that has this problem. Of course you have already made up your mind, and I see no point is helping you resolve this obvious bug. Some people take bug reports seriously. Clearly the Camino Devs don't and would rather argue with people. Good luck with that.
Status: RESOLVED → VERIFIED
> You are wrong by the way. From the current source of https://www.paypal.com/, which is the address that your reported address redirects to: <legend>Member Log In</legend> <p><label for="login_email">Email address</label><input type="text" id="login_email" name="login_email" value=""></p> <p><label for="login_password">PayPal password</label><input autocomplete="off" type="password" id="login_password" name="login_password" value=""> You can believe I'm wrong if you like, but the source of the page you are talking about disagrees, as is easily verifiable, and I'm going to have to go with the page as authoritative. > The passwords are saved with FireFox and IE on the PayPal site just fine. I never claimed otherwise (although I'd be surprised if, starting from a clean state, either browser would save passwords on the specific page in question as it currently stands with the intervention of a third-party extension or bookmarklet). Saving the password on the page you reported is not the correct behavior though, in any browser, given the current page source (if you are seeing similar behavior on other PayPal pages that don't have autocomplete="off", feel free to point us to them and we'll take a look). > Some people take bug reports seriously. I'm not sure why you are trying so hard to make this adversarial. We investigated your report thoroughly, which is as seriously as we can take a bug report. I even checked again just to make sure the situation hadn't changed since the last round of comments. The resolution you are looking for is not the correct technical outcome. I'm sorry that you are unwilling to accept that as someone with years of experience in browser development, the implementation of password filling specifically, and the political issues surrounding the autocomplete attribute, I do in fact know what I'm talking about. What you are asking us to do is to ignore a de-facto spec, change the behavior of our browser, and as a result get it explicitly banned by every large banking and financial institution on the web. I'm sorry that you are choosing to interpret our responsibility to our userbase as a personal affront; it's certainly not intended that way.
You need to log in before you can comment on or make changes to this bug.