Closed Bug 235765 Opened 21 years ago Closed 19 years ago

Password field is saved incorrectly due to javascript

Categories

(Toolkit :: Password Manager, defect)

Product:
Toolkit
Component:
Password Manager
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 257781

People

(Reporter: corsipo, Unassigned)

References

(
URL
)

Details

User-Agent: Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040225 Firefox/0.8 Basically, powerschool will take whatever password you enter into the form, and then will run some javascript on it, which seems to take the md5sum of the password input box, and then stores it to that same box. The problem is that I would like it to save the un-encrypted password... The encrypting happens when a link that reaches <a href="javascript:doStudentLogin()">. this will submit the form, and changes the password input box to the md5 of it. and then the save password stuff is called. Reproducible: Always Steps to Reproduce: 1. goto ps.stmarkshs.net 2. pick some username. 3. pick some password. 4. hit enter (the button) Actual Results: The password input box is transformed into the md5sum of it due to javascript. the save password feature of mozilla then saves the incorrect password. Expected Results: It should have saved the password before the javascript attacked it. since the javascript doesn't check to see that its already a md5sum or anything. Possibly a solution would be to allow a person to lock the current user name and password (so it doesn't get automatically changed?)
I'm guessing this is invalid because the data is only saved once the form is submitted. But right or wrong, the behaviour is also in Seamonkey, so moving it there.
Assignee: bryner → dveditz+bmo
OS: Linux → All
Product: Firefox → Browser
Hardware: PC → All
Version: unspecified → Trunk
I realize that its saved once submitted, but the main point in the bug is that I feel that it should be saved as a password when the submit button is hit, since that is when the user's version of the datas input is complete.
Product: Browser → Seamonkey
This looks like a duplicate of bug #212617
*** This bug has been marked as a duplicate of 212617 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
Judging by the original user-agent this should have been filed as a Firefox bug, and since Firefox and the Suite have different password manager implementations it's useful to have a bug on each product. Perhaps simply changing when an event is fired will magically fix both, but probably there will be separate fixes required. Reopening and changing product.
Assignee: dveditz → nobody
Status: UNCONFIRMED → NEW
Depends on: 212617
Ever confirmed: true
Product: Mozilla Application Suite → Firefox
QA Contact: davidpjames → password.manager
Bug 257781 is the same but seems to have gotten more activity. *** This bug has been marked as a duplicate of 257781 ***
Status: NEW → RESOLVED
Closed: 19 years ago19 years ago
Resolution: --- → DUPLICATE
Product: Firefox → Toolkit
You need to log in before you can comment on or make changes to this bug.