Project

General

Profile

Bug #5468

Root password being filled by Chrome, changing it on host edit

Added by Dominic Cleal over 5 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

"Recently" (last week or two?), Chrome has started filling in the root password field again on the host edit page, which means your host's new password becomes "changeme" or whatever you happen to have saved.

It appears this is a deliberate feature, even though we set autocomplete=off since #2607:

http://www.theregister.co.uk/2014/04/09/chrome_makes_new_password_grab_in_version_34/
http://www.techno360.in/how-to-enable-autocompleteoff-feature-in-chrome-34/

Associated revisions

Revision 19abc86f (diff)
Added by Shlomi Zadok about 5 years ago

Fixes #5468 - prevent Chrome from autofilling passwords

History

#1 Updated by Dominic Cleal about 5 years ago

http://code.google.com/p/chromium/issues/detail?id=352347 is the main bug report, which while being depressing reading, does appear to be moving in the right direction.

#2 Updated by Lukas Zapletal about 5 years ago

This is annoying and I wonder if we are able to get rid of this by adding some random suffix to the password field name.

#3 Updated by Dominic Cleal about 5 years ago

I don't think it cares about the field name (e.g. it fills in a password from the user field into one called "root_pass"). Some say you can add hidden fields to have it fill those in instead, but eugh.

#4 Updated by Dominic Cleal about 5 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Lukas Zapletal
  • Target version set to 1.7.5
  • Pull request https://github.com/theforeman/foreman/pull/1699 added
  • Pull request deleted ()

#5 Updated by Dmitri Dolguikh about 5 years ago

  • Target version changed from 1.7.5 to 1.7.4

#6 Updated by Dmitri Dolguikh about 5 years ago

  • Target version changed from 1.7.4 to 1.7.3

#7 Updated by Shlomi Zadok about 5 years ago

  • Assignee changed from Lukas Zapletal to Shlomi Zadok

#8 Updated by Dominic Cleal about 5 years ago

  • Pull request https://github.com/theforeman/foreman/pull/1761 added
  • Pull request deleted (https://github.com/theforeman/foreman/pull/1699)

#9 Updated by Dominic Cleal about 5 years ago

  • Target version changed from 1.7.3 to 1.7.2

#10 Updated by Shlomi Zadok about 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#11 Updated by Daniel Lobato Garcia about 5 years ago

  • Legacy Backlogs Release (now unused) set to 21

Also available in: Atom PDF