Bug #17671
closedAutocomplete OFF for BE-Login form
0%
Description
When logging in, into the T3 Backend using the normal login-form. The "autocomplete" feature of most browsers is active for the "Username" field.
If you log into a T3 account from a shared computer (like in i-net cafe's or similar) the username will get stored in the browsers cache.
This patch fixes the problem by adding the attritbute:
autocomplete="off"
http://developer.mozilla.org/en/docs/How_to_Turn_Off_Form_Autocompletion
http://msdn2.microsoft.com/en-us/library/ms533486.aspx
to the username input field.
(issue imported from #M6506)
Files
Updated by Kirill Klimov about 17 years ago
1. what about those who login from regular working place and like the way how it works now?
2. Is it normal considering that autocomplete attribute does not exist in XHTML 1.0 ?
Updated by Bernhard Kraft about 17 years ago
Hmm ... then we would have to make it configurable via install tool.
Any preferences on autocomplete="off"/"on" default ?
I would prefer autocomplete="off" as it is more secure.
But the other way would keep the current state ... which is usually how we try to handle things in T3.
AFAIK autocomplete is NOT valid XHTML ... should we care about that :) I mean its the BE - why would you like to put this through a validator - and both: IE and FF support it (altough earlier FF versions have problems with it)
Updated by Kirill Klimov about 17 years ago
I would prefer without it by default (as it is now) ;)
Updated by Benni Mack about 17 years ago
I also think we should keep the default as it is right now. But the option would be nice.
Updated by Patrick Gaumond about 17 years ago
Updated by Bernhard Kraft about 17 years ago
I attached a patch allowing to configure IPs for which autocomplete is disabled.
So you could add:
192.168.*,127.*
which would disable autocomplete for all local IPs
The option in the install tool is called "autocompleteOffIPs"
Updated by Alexander Opitz over 11 years ago
- Status changed from Accepted to Needs Feedback
- Target version deleted (
0)
The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?
Updated by Bernhard Kraft about 11 years ago
- Status changed from Needs Feedback to Closed
This isssue is solved by UI improvements in modern browsers "remember password" feature.
No need for changes.