Open
Bug 1119077
Opened 10 years ago
Updated 2 years ago
Support capturing of login credentials on pages which manipulate the values entered by the user before submission
Categories
(Toolkit :: Password Manager, defect, P3)
Toolkit
Password Manager
Tracking
()
REOPENED
People
(Reporter: ckarlof, Unassigned)
References
Details
Attachments
(1 file)
|
(deleted),
image/gif
|
Details |
username-munge.gif
Good examples are fidelity.com and online.citibank.com, which onblur, replace part of the user's username with some stars, e.g., "foobar" -> "f****r". See attached GIF for a screencap.
|
Reporter | |
Comment 1•10 years ago
|
||
The current deficiency is that Firefox captures "f****r" instead of the actual username. One technique I've used in the past to address this is to listen to key events on the username and passwords fields and read the values of these fields into temporary storage after each key press. Then on form "submission", we prompt the user to remember the values we stashed in temporary storage instead of what was in the actual form at submission time.
|
|
Reporter | |
Updated•10 years ago
|
Priority: -- → P1
|
|
Reporter | |
Updated•10 years ago
|
Priority: P1 → --
|
||
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
|
|
||
Comment 3•5 years ago
|
||
I shouldn't have duped this since bug 1530814 is about not saving the garbage but we'll still want to address saving the correct values.
Status: RESOLVED → REOPENED
Priority: -- → P3
Resolution: DUPLICATE → ---
Summary: Breakdown: Support capturing of login credentials on pages which manipulate the values entered by the user before submission → Support capturing of login credentials on pages which manipulate the values entered by the user before submission
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•