Project

General

Profile

Actions

Bug #92293

closed

Unexpected reload of backend login page deletes already typed information

Added by Michael Telgkamp over 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
-
Target version:
-
Start date:
2020-09-11
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
accessibility, login
Complexity:
Is Regression:
Yes
Sprint Focus:

Description

How to reproduce

  1. Simulate slow network connection and no cache (not required, but makes it more easy to reproduce)
  2. Load the TYPO3 backend login page
  3. Start typing a username directly when the login form is available
  4. the login page is reloaded and the already typed information is lost

Possible solutions

If the referrer is not set yet, the form should not be writable to prevent users to start typing before the reload.
Alternative: If there already is text inside the login form (a key pressed) before the redirect, the redirect should not be performed.

This behavior was introduced by https://typo3.org/security/advisory/typo3-core-sa-2020-006 (TYPO3 versions 9.5.17 or 10.4.2)

Actions

Also available in: Atom PDF