Actions
Bug #92293
closedUnexpected reload of backend login page deletes already typed information
Status:
Closed
Priority:
Must have
Assignee:
-
Category:
-
Target version:
-
Start date:
2020-09-11
Due date:
% Done:
100%
Estimated time:
TYPO3 Version:
11
PHP Version:
Tags:
accessibility, login
Complexity:
Is Regression:
Yes
Sprint Focus:
Description
How to reproduce¶
- Simulate slow network connection and no cache (not required, but makes it more easy to reproduce)
- Load the TYPO3 backend login page
- Start typing a username directly when the login form is available
- the login page is reloaded and the already typed information is lost
Possible solutions¶
If the referrer is not set yet, the form should not be writable to prevent users to start typing before the reload.
Alternative: If there already is text inside the login form (a key pressed) before the redirect, the redirect should not be performed.
This behavior was introduced by https://typo3.org/security/advisory/typo3-core-sa-2020-006 (TYPO3 versions 9.5.17 or 10.4.2)
Actions