Closed Bug 444968 Opened 16 years ago Closed 16 years ago

password-only forms should prefer a password-only login when present

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla1.9.1b3

People

(Reporter: Dolske, Assigned: Dolske)

Details

(Keywords: fixed1.9.1)

Attachments

(1 file)

Patch v.1
8.49 KB, patch
Gavin
: review+
beltzner
: approval1.9.1+
Details | Diff | Splinter Review 
Spun off when discovered in bug 435531 comment 5:

[...] Even when the testcase's
password-only login is saved, it won't actually get used again. :( There's a
special case in fillForm() to deal with having 1 user+pass login and 1
pass-only login.... but only for filling in a form that takes a username and
password (it prefers the user+pass login). For password-only forms, the code
just thinks there are multiple logins, and fills in nothing. I think it should
probably prefer the password-only login in this situation.
Product: Firefox → Toolkit
Assignee: nobody → dolske
Target Milestone: --- → mozilla1.9.1
Attached patch Patch v.1Splinter Review 
* The first change in the "if (usernameField && usernameField.value)" block isn't needed for this bug, but I wanted to change it to use logins.filter() as the code relevant to this bug does. The way it was getting matchingLogin out from the .some() call always seems a little hackish, anyway.

* The fixed code in the "else" block is no longer just a special case for when logins.length == 2. This is mostly for password-only forms (eg, if you have 1 pw-only login and 3 user+pass logins). This code also works for the other case  (a user+pass form, 1 user+pass login, 3 pw-only logins), although since you shouldn't ever have multiple pw-only logins so it's not terribly interesting. :)
Attachment #337370 - Flags: review?(gavin.sharp)
This is quite important, the mailman web interface uses these crappy password only forms ...
Whiteboard: [need review gavin]
Attachment #337370 - Flags: review?(gavin.sharp) → review+
Whiteboard: [need review gavin]
Attachment #337370 - Flags: approval1.9.1?
I have this problem on USAA.  User-pass login then different PIN on separate page.  The auto entered PIN looks correct (4 asterisks, not 6 of password) - site says "enter digits only" and Camino asks save new or keep old.

FireFox works correctly.

I don't know nothin' about birthin' code but if there is something helpful I can do, let me know.  I apologize if I should not be here.
Camino doesn't use the same password management code as Firefox, so I'm not surprised it's broken there. File a separate bug against Camino, if you wish.

USAA happens to work in Firefox only because the PIN field is length-limited, so we ignore the longer password in the other login (fixed in bug 391514). This is a more general-purpose fix here.
Comment on attachment 337370 [details] [diff] [review]
Patch v.1

a191=beltzner, selfishly, as he hates our password management around mailman
Attachment #337370 - Flags: approval1.9.1? → approval1.9.1+
Pushed http://hg.mozilla.org/mozilla-central/rev/b4a2efb03b83
Status: NEW → RESOLVED
Closed: 16 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: mozilla1.9.1 → mozilla1.9.1b3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: