Bug #92293

Unexpected reload of backend login page deletes already typed information

Added by Michael Telgkamp 15 days ago.

Status:
New
Priority:
Must have
Assignee:
-
Category:
-
Target version:
-
Start date:
2020-09-11
Due date:
% Done:

0%

TYPO3 Version:
11
PHP Version:
Tags:
accessibility, login
Complexity:
Is Regression:
Yes
Sprint Focus:

Description

How to reproduce

  1. Simulate slow network connection and no cache (not required, but makes it more easy to reproduce)
  2. Load the TYPO3 backend login page
  3. Start typing a username directly when the login form is available
  4. the login page is reloaded and the already typed information is lost

Possible solutions

If the referrer is not set yet, the form should not be writable to prevent users to start typing before the reload.
Alternative: If there already is text inside the login form (a key pressed) before the redirect, the redirect should not be performed.

This behavior was introduced by https://typo3.org/security/advisory/typo3-core-sa-2020-006 (TYPO3 versions 9.5.17 or 10.4.2)

Also available in: Atom PDF