Bug #70126

FormEngine username and password fields must have autocomplete=off

Added by Markus Klein about 5 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
FormEngine aka TCEforms
Target version:
Start date:
2015-09-26
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
7
PHP Version:
Tags:
Complexity:
medium
Is Regression:
No
Sprint Focus:

Description

This avoids that browsers (especially Chrome) go nuts and prefill those fields with stored auth data and therefore adjust the user's password.

This is especially critical if you edit be_users, as the password field is preset with 8 asterisks by FormEngine as "do not change"-value. But the browser then overwrites this value with some stored foo. There is no sane way for the user to restore the "do not change"-value to avoid changing the password.


Related issues

Related to TYPO3 Core - Bug #75809: Impossible to edit Backend-Users when Chrome Password Manager is usedClosed2016-04-20

Actions
#1

Updated by Markus Klein about 5 years ago

  • Description updated (diff)
#2

Updated by Gerrit Code Review about 5 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43883

#3

Updated by Gerrit Code Review about 5 years ago

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43883

#4

Updated by Gerrit Code Review about 5 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43883

#5

Updated by Zsolt Molnar about 5 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#6

Updated by Riccardo De Contardi about 3 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF