Closed
Bug 514889
Opened 15 years ago
Closed 15 years ago
cache problem with django admin interface
Categories
(Toolkit :: Password Manager, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 499223
People
(Reporter: maigfrga, Unassigned)
References
()
Details
(Keywords: access, Whiteboard: [DUPEME])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2
Build Identifier:
The problem is in the django web framework admin interface.
when i store my password on icewasel 3.0.6 or 3.5.2 firefox private data, and i
want to create a new user, the new user form is preloaded with the
current user's username and password
regards I run a lenny debian .
I reported this bug to django, bet they say that is a firefox bug
http://groups.google.com/group/django-updates/browse_thread/thread/7b180de96e21276d
Reproducible: Always
Steps to Reproduce:
1. save password for the admin interface when the browse ask for it
2. create new user
3.
Actual Results:
The new user form is prepulated whit the current username and password
Expected Results:
blanks fiels for new user creaticon
thread for djando community
http://groups.google.com/group/django-updates/browse_thread/thread/7b180de96e21276d
Updated•15 years ago
|
Component: Networking: Cookies → Password Manager
Product: Core → Toolkit
QA Contact: networking.cookies → password.manager
Comment 1•15 years ago
|
||
The login form has action="/admin/" while the new user has action=""
Normally we only match forms that have the same action URI. When the action is empty, we do a wild card search. All the Django admin forms have action="" and that is causing the problem. They could fix that & this problem would go away.
Otherwise this is a hard problem to tackle. The heuristics for determining a "new user" page would not be worth the minimal tradeoffs.
Whiteboard: [DUPEME]
Comment 2•15 years ago
|
||
I don't think the action URI is involved -- we never store the path from the URL, just the base hostname part (eg "http://host.com").
But you're right about it looking like a user's login page to the password manager -- it can't really tell the difference.
Best workaround is to add "autocomplete=off" to these fields (or the form itself) in the admin page. Not only will this prevent login manager from filling the fields, it will suppress having it ask if you want it to remember the login.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•