Closed Bug 658936 Opened 13 years ago Closed 10 years ago

Saved Password Is Not filled on Vanguard's login page

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 348941

People

(Reporter: david, Unassigned)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20110511 SeaMonkey/2.1
Build Identifier: Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20110511 SeaMonkey/2.1

I have a login password saved in Password Manager for my account at Vanguard.  I can go to the SeaMonkey menu bar and select [Tools > Passwords] and see the password.  

When I go to the cited Web page and insert my login user ID, I get the next page for inserting my login password.  If I have not already entered my master password, SeaMonkey requests it.  When I enter my master password, however, SeaMonkey does not insert my login password into the input area on the page.  No amount of clicking in that area will cause Password Manager to insert my login password.  

I see the same problem with a banking site.  The problem seems to occur only when (1) logins are split with the user ID on one page and the password on the next page and (2) the Web page has autocomplete="off" to block the saving of passwords.  

Reproducible: Always




I know others have commented that this did NOT work with any SeaMonkey 2.0.x.  For me, however, this worked with SeaMonkey 2.0.14 and with prior versions.
Changed from SeaMonkey/Passwords & Permissions to Toolkit/Password Manager.
Component: Passwords & Permissions → Password Manager
Product: SeaMonkey → Toolkit
QA Contact: privacy → password.manager
I'm not sure this will help diagnose the problem.  I noticed a login anomaly at <https://personal.vanguard.com/us/home>, which has the input of the user ID for a split login.  I have to select the input area for my user ID twice before I can start entering the ID.
Somehow, this now seems to be working.  I really do not know what changed to make it work.  

I want to monitor the situation for about a week.  If the problem does not occur again for me in that time, I will then change the severity to Normal.  I feel this should nevertheless be kept open for those who claim it never worked.
It's again not working for me.  Also, it does not work when in Safe Mode.
Stanimir Stamenkov presented a workaround in the mozilla.support.seamonkey newsgroup under the subject "Password Manager workaround".  The workaround is a script for which he suggested implemented in a button created by the Custom Buttons extension.  I instead used PrefBar to create the button.  

The script is as follows (with > indicating a quote):  

> let lm = Components.classes["@mozilla.org/login-manager;1"]
> .getService(Components.interfaces.nsILoginManager);
>
> function fillForms(doc) {
> let forms = doc.forms;
> for (let i = 0; i < forms.length; i++) {
> lm.fillForm(forms[i]);
> }
> }
>
> fillForms(content.document);
>
> let frames = content.frames;
> for (let i = 0; i < frames.length; i++) {
> fillForms(frames[i].document);
> }

The script is indeed a good workaround for this bug.  Since it relies on an extension -- either Custom Buttons or PrefBar -- this workaround is not sufficient to resolve this bug.
I can't get past enough on the Vanguard site to see whether this is the exact case but, on autocomplete="off" forms passwords don't get automatically filled-in after page load:

http://mxr.mozilla.org/mozilla-central/source/toolkit/components/passwordmgr/nsLoginManager.js#336
http://mxr.mozilla.org/mozilla-central/source/toolkit/components/passwordmgr/nsLoginManager.js#1075

On such forms, passwords get automatically filled-in after completing (either manually or semi-manually) corresponding username field:

http://mxr.mozilla.org/mozilla-central/source/toolkit/components/passwordmgr/nsLoginManager.js#340
http://mxr.mozilla.org/mozilla-central/source/toolkit/components/passwordmgr/nsLoginManager.js#360

On split-page logins, on the password page there's no username field to trigger the later.

Note also, even if there's no autocomplete="off" on the form but there is more than one login info stored for the given origin/target (e.g. by using the Saved Password Editor [1] extension, or other means), Firefox and SeaMonkey don't provide any UI to choose which one to use (identified by account/username), resulting in the same situation - no automatic password fill-in possible.  There was no such problem with Firefox and SeaMonkey versions prior 2.0.  Related extension restoring that functionality to some extent is Secure Login [2].

[1] https://addons.mozilla.org/addon/saved-password-editor/
[2] https://addons.mozilla.org/addon/secure-login/
(In reply to comment #6)
> Note also, even if there's no autocomplete="off" on the form but there is
> more than one login info stored for the given origin/target (e.g. by using
> the Saved Password Editor [1] extension, or other means), Firefox and
> SeaMonkey don't provide any UI to choose which one to use (identified by
> account/username), resulting in the same situation - no automatic password
> fill-in possible.

If there are multiple matches for a form, an autocomplete handler is added to the username field (pressing down arrow is enough to trigger it). You can select the username and it will fill in the password.
On autocomplete="off" forms, the autocomplete handler for remembered username(s) is attached only if password field is also present in the form.  This does not happen when the username field appears alone on a page - split-page login.  Similarly, if there are multiple login details remembered for the same origin/host - there's no way to trigger the password fill-in, if there's just password field on the page.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
Summary: Saved Password Is Not Entered for Login → Saved Password Is Not filled on Vanguard's login page
You need to log in before you can comment on or make changes to this bug.