As an enthusiastic user of this module, I have encountered problems with autofill, where (a) the first password field is autofilled on a node form, where no password is needed, the second field is not, so 'save' failes; and (b) where fields with a name containing 'name' are pre-filled with a user name.

Since autocomplete="off" has stopped working in many browsers, and for my clients changing this to autocomplete="new-password" turns out to be a fix.

CommentFileSizeAuthor
#5 protected_node-7.x-1.5-no_autofill.patch1.15 KBvangelisp

Comments

John_B created an issue. See original summary.

john_b’s picture

john_b commented
Issue summary: View changes
john_b’s picture

john_b commented
Title: change type="password" to prevent autofill woes » change autocomplete="off" to autocomplete="new-password"
Issue summary: View changes

Modified issue to simply suggest changing autocomplete="off" to autocomplete="new-password" since in testing, with a single client on a single browser, this has proved sufficient to deal with the problem of prefilled password field (and in one case prefilling of a text field with 'name' in its name) with a user name.

vangelisp’s picture

vangelisp commented

I can confirm that this issue appears quite often now on one of my clients.

Steps to replicate: protected_node 7.x-1.5
User browser: Firefox 71.0 / Ubuntu
Website on https

Before the patch:
Password on first password field is prefilled thus disallowing user to save the page. Also confuses them that they need to enter their login password to proceed.

After the patch:
Password is empty until they actually populate it.

I am attaching a patch for the 7.x-1.5 version of this module.

vangelisp’s picture

vangelisp commented
StatusFileSize
new protected_node-7.x-1.5-no_autofill.patch1.15 KB

This is a patch that will resolve the situation. Works with 7.x-1.5 version

grimreaper’s picture

grimreaper
Primary language French
Location France 🇫🇷
commented
Assigned: Unassigned » grimreaper
Status: Active » Needs review

Hello,

I have been able to reproduce the problem and confirm that the patch fixes it.

Thanks!

  • Grimreaper committed 8ed87da on 7.x-1.x authored by VangelisP 
    Issue #3072098 by VangelisP, John_B, Grimreaper: change autocomplete="...
grimreaper’s picture

grimreaper
Primary language French
Location France 🇫🇷
commented
Assigned: grimreaper » Unassigned
Status: Needs review » Fixed

Patch merged!

Thanks!

I am going to make a new release.

grimreaper’s picture

grimreaper
Primary language French
Location France 🇫🇷
commented

For the record: https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.