Project

General

Profile

Actions
Copy link

Bug #17671

closed

Autocomplete OFF for BE-Login form

Added by Bernhard Kraft over 16 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Bernhard Kraft
Category:
-
Target version:
-
Start date:
2007-10-11
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.1
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

When logging in, into the T3 Backend using the normal login-form. The "autocomplete" feature of most browsers is active for the "Username" field.

If you log into a T3 account from a shared computer (like in i-net cafe's or similar) the username will get stored in the browsers cache.

This patch fixes the problem by adding the attritbute:

autocomplete="off"
http://developer.mozilla.org/en/docs/How_to_Turn_Off_Form_Autocompletion
http://msdn2.microsoft.com/en-us/library/ms533486.aspx

to the username input field.

(issue imported from #M6506)

Files

Download all files
autocomplete_off_2007-10-11.diff (714 Bytes) autocomplete_off_2007-10-11.diff Administrator Admin, 2007-10-11 16:22
autocomplete_off_2007-10-13.diff (2.01 KB) autocomplete_off_2007-10-13.diff Administrator Admin, 2007-10-13 11:39

Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #16951: Autofill in form functions fail on Firefox & Internet ExplorerClosed2007-02-07

Actions
Has duplicate TYPO3 Core - Feature #17021: Add autocomplete="off" to BE loginClosedBernhard Kraft2007-02-20

Actions
Actions
Copy link
 #1

Updated by Kirill Klimov over 16 years ago

1. what about those who login from regular working place and like the way how it works now?
2. Is it normal considering that autocomplete attribute does not exist in XHTML 1.0 ?

Actions
Copy link
 #2

Updated by Bernhard Kraft over 16 years ago

Hmm ... then we would have to make it configurable via install tool.

Any preferences on autocomplete="off"/"on" default ?

I would prefer autocomplete="off" as it is more secure.

But the other way would keep the current state ... which is usually how we try to handle things in T3.

AFAIK autocomplete is NOT valid XHTML ... should we care about that :) I mean its the BE - why would you like to put this through a validator - and both: IE and FF support it (altough earlier FF versions have problems with it)

Actions
Copy link
 #3

Updated by Kirill Klimov over 16 years ago

I would prefer without it by default (as it is now) ;)

Actions
Copy link
 #4

Updated by Benni Mack over 16 years ago

I also think we should keep the default as it is right now. But the option would be nice.

Actions
Copy link
 #6

Updated by Bernhard Kraft over 16 years ago

I attached a patch allowing to configure IPs for which autocomplete is disabled.

So you could add:

192.168.*,127.*

which would disable autocomplete for all local IPs

The option in the install tool is called "autocompleteOffIPs"

Actions
Copy link
 #7

Updated by Alexander Opitz about 11 years ago

  • Status changed from Accepted to Needs Feedback
  • Target version deleted (0)

The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?

Actions
Copy link
 #8

Updated by Bernhard Kraft over 10 years ago

  • Status changed from Needs Feedback to Closed

This isssue is solved by UI improvements in modern browsers "remember password" feature.
No need for changes.

Actions
Copy link

Also available in: Atom PDF