Project

General

Profile

Bug #5468

Root password being filled by Chrome, changing it on host edit

Added by Dominic Cleal about 5 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

"Recently" (last week or two?), Chrome has started filling in the root password field again on the host edit page, which means your host's new password becomes "changeme" or whatever you happen to have saved.

It appears this is a deliberate feature, even though we set autocomplete=off since #2607:

http://www.theregister.co.uk/2014/04/09/chrome_makes_new_password_grab_in_version_34/
http://www.techno360.in/how-to-enable-autocompleteoff-feature-in-chrome-34/

Associated revisions

Revision 19abc86f (diff)
Added by Shlomi Zadok almost 5 years ago

Fixes #5468 - prevent Chrome from autofilling passwords

History

#1 Updated by Dominic Cleal almost 5 years ago

http://code.google.com/p/chromium/issues/detail?id=352347 is the main bug report, which while being depressing reading, does appear to be moving in the right direction.

#2 Updated by Lukas Zapletal almost 5 years ago

This is annoying and I wonder if we are able to get rid of this by adding some random suffix to the password field name.

#3 Updated by Dominic Cleal almost 5 years ago

I don't think it cares about the field name (e.g. it fills in a password from the user field into one called "root_pass"). Some say you can add hidden fields to have it fill those in instead, but eugh.

#4 Updated by Dominic Cleal almost 5 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Lukas Zapletal
  • Target version set to 1.7.5
  • Pull request https://github.com/theforeman/foreman/pull/1699 added
  • Pull request deleted ()

#5 Updated by Dmitri Dolguikh almost 5 years ago

  • Target version changed from 1.7.5 to 1.7.4

#6 Updated by Dmitri Dolguikh almost 5 years ago

  • Target version changed from 1.7.4 to 1.7.3

#7 Updated by Shlomi Zadok almost 5 years ago

  • Assignee changed from Lukas Zapletal to Shlomi Zadok

#8 Updated by Dominic Cleal almost 5 years ago

  • Pull request https://github.com/theforeman/foreman/pull/1761 added
  • Pull request deleted (https://github.com/theforeman/foreman/pull/1699)

#9 Updated by Dominic Cleal almost 5 years ago

  • Target version changed from 1.7.3 to 1.7.2

#10 Updated by Shlomi Zadok almost 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#11 Updated by Daniel Lobato Garcia almost 5 years ago

  • Legacy Backlogs Release (now unused) set to 21

Also available in: Atom PDF