PSM manager does not work on https sites

VERIFIED FIXED in mozilla0.9.2



18 years ago
18 years ago


(Reporter: john, Assigned: dougt)



Firefox Tracking Flags

(Not tracked)


(Whiteboard: critical for 0.9.2, ready to checkin)


(1 attachment)



18 years ago
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:0.9.1+) Gecko/20010622
BuildID:    2001062204

PSM no longer pops up to ask if you want to store a password, and sites that
have previously remembered passwords no longer fill in the form fields

Reproducible: Always
Steps to Reproduce:
1. go to any site with a login/password you have previously saved
2. PSM does not fill in fields

1. Go to site where you have not saved password and manually fill them in.
2. PSM does not ask if you want to rememeber the password.

Actual Results:  PSM does not fill in fields, does not ask if you want to
remember passwords

Expected Results:  PSM uses previously saved passwords or asks for use of new ones

I have marked this as critical as data is lost ie, saved passwords are not
longer available from PSM

Comment 1

18 years ago
John, this feature works for me on the 0.9.2 branch build from today (06/25). 
Can you try that build and report back?

Also, can you try out this feature on a new profile?

Comment 2

18 years ago
This is not working for me on 6/25 Win98, Linux, Mac or WinNT branch builds. 
Setting to blocker. OS =all
Severity: critical → blocker
Component: Daemon → Client Library
Ever confirmed: true
Keywords: nsdogfood
OS: Windows ME → All
Hardware: PC → All
Version: 1.01 → 2.0

Comment 3

18 years ago

Have you ever blown away the key3.db file associated with the profile you're
seeing this with?

Comment 4

18 years ago
reassigning to Steve Morse.  John Unruh reports the same bug when using "obscure".

It works for me and mcgreer, so I don't know what the real nature of the problem
Assignee: ddrinan → morse

Comment 5

18 years ago
Moving to Browser/Password Manager
Component: Client Library → Password Manager
Product: PSM → Browser
Target Milestone: --- → mozilla0.9.2
Version: 2.0 → other
adding keywords. 
Keywords: nsbeta1+
Priority: -- → P1


18 years ago
Whiteboard: investigating

Comment 7

18 years ago
Okay, I have checked with today's (25th June) build, and the problem is still there.

I also created a new profile and the problem is still as described from a virgin

When re-installing an older version (15th June), everything is working again
(except for PSM from the mail start window, which I previously reported).

With regards to the key3.db, I've never knowingly trashed it, and it is still
there with data. As this file still seems to work correctly when reverting back
to an older version of Mozilla, this seems unlikely to be the problem.

Comment 8

18 years ago
Am unable to reproduce.  With a build that I made last night this is working 
fine.  Have tested this on both NT and linux.

junruh and/or, can you reproduce this failure on the 
trunk builds or only on the branch?

Comment 9

18 years ago
6/26 WinNT branch build - fails. 6/26 Win98 trunk build - fails.

Comment 10

18 years ago
I've only been testing on the builds labelled "latest nigthly builds" (whatever they are).  Sometime between 15th June and 22nd June this problem was introduced

Comment 11

18 years ago
I'm testing the in-house builds from here.

Comment 12

18 years ago
Can you give me the specific URL that you are using in your testing.

Comment 14

18 years ago
Do you mean the that has the following form tag? :-(

<form method=post action="" 
autocomplete=off name=a>

Comment 15

18 years ago
And the other example, namely, works 
fine when I copy it to my own site which is http.  I do see the failure on your 
https site.

So the problem has to do with https which means I'm bouncing it back to the 
security group.  Also changing the summary from

   PSM manager no longer works


   Password manager does not work on https sites
Assignee: morse → ddrinan
Component: Password Manager → Security: Crypto

Comment 16

18 years ago
I'm getting my builds from:

Comment 17

18 years ago
Steve,  I don't agree yet with your comment "So the problem has to do with https".

SDR works for me on both these sites:
I tried this on my profile, and on a new profile.  It works in both cases.  This
isn't a crypto problem.  It's something lower down.

Another clue:  I cannot open the View Password Manager window, though others can
so without any trouble.  I am able to open that window with a fresh profile.  In
other words, there are some really strange things going on, perhaps at a lower
level that either SDR or the View Password Manager.

Please see if you can track this down.  There's something fishy going on here.

Assignee: ddrinan → morse

Comment 18

18 years ago
OK, I'll prove my comment:

   "So the problem has to do with https"

I set a breakpoint in extensions/wallet/src/singsign.cpp line 2048 which reads

   (passwordRealm, nsIIOService::url_Host, 0, 0, getter_Copies(strippedRealm));

Then I step into ExtractUrlPart (which is nsIOService.cpp) and I get to line 506 
which reads:

   rv = GetParserForScheme(scheme, getter_AddRefs(parser));

This call is returning an error code when scheme is https but not when schem is 
http.  The failure is coming at line 455 of that file which reads

   rv = parserList->GetNext(getter_AddRefs(entry));

You can verify this by pressing the submit button on junruh's https site 
( and then on my http site 
(http://peoplestage/morse/bug.htm) which mirrors his site exactly.

Comment 19

18 years ago
Bob, please run your test again.  I am definitely not getting a failure on 
junruh's http site.  On that site I get the password-manager dialog asking if I 
want to save the values.  This is completely consistent with my claim that the 
problem is https related.

Shall I reassign this back to your group or are you still not convinced?

Comment 20

18 years ago
Using a new profile, I can't get neither
etrade login to ask me if I want to save the passwd.
Using Linux 0.9.2 2001062604 build.

Comment 21

18 years ago
I'm pretty sure I also had this failure on non-https sites when I had one of the
faulty versions installed.

Comment 22

18 years ago
Please don't morph this bug.  The problem in this bug involves password 
manager not working with https sites.  And this is demonstrated with junruh's 
https test page.  I'm updating the summary line to make that explicit.

The problem with etrade I'm sure is the same one that I dismissed in my comment 
of 2001-06-26 10:29 -- namely the "autocomplete=off" attribute.  As such, any 
bug report that claims that password manager doesn't work with etrade or with is invalid.
Summary: PSM manager no longer works → PSM manager does not work on https sites

Comment 23

18 years ago
moving to PSM
Assignee: morse → ssaux
Component: Security: Crypto → Client Library
Product: Browser → PSM
Target Milestone: mozilla0.9.2 → 2.0
Version: other → 2.0

Comment 24

18 years ago
-> ddrinan
Assignee: ssaux → ddrinan

Comment 25

18 years ago
As Steve has pointed out, the code is failing during the parsing of urls with
https. This parsing happens in mozilla/netwerk/base/src/nsIOService.cpp. There
has been quite of few changes to this code in the past week and my suspicion is
that there has been a regression here. 

Assigning to dougt.
Assignee: ddrinan → dougt
Component: Client Library → Networking
Product: PSM → Browser
Target Milestone: 2.0 → mozilla0.9.2
Version: 2.0 → other

Comment 26

18 years ago
found the problem.... 

Comment 27

18 years ago
Created attachment 40226 [details] [diff] [review]
fixes problem

Comment 28

18 years ago
steve, can you verify that this fixes the problem?  This probably should be 
fixed on the branch.

Comment 29

18 years ago

Comment 30

18 years ago
I applied the patch and it indeed fixes the problem


Comment 31

18 years ago
Checked into the trunk:

Checking in nsIOService.cpp;
/cvsroot/mozilla/netwerk/base/src/nsIOService.cpp,v  <--  nsIOService.cpp
new revision: 1.98; previous revision: 1.97

Should we check this into the branch?

Comment 32

18 years ago
I would think that would be a good thing to do.

Comment 33

18 years ago
a=chofmann for the branch
Whiteboard: investigating → critical for 0.9.2, ready to checkin
Checked into 0.9.2.  Closing.  Re-open if you guys need to but it looks like it
was held open for the 0.9.2 branch.
Last Resolved: 18 years ago
Resolution: --- → FIXED

Comment 35

18 years ago
Verified fixed.
You need to log in before you can comment on or make changes to this bug.