FS#2625 : avoid password manager popups in admin prefs area

Quick Actions

View Dependency Graph

Status New
Percent Complete
0%
Task Type TODO
Category User Interface
Assigned To

peterdd
Operating System All
Severity Low
Priority Very Low
Reported Version 1.0-rc9
Due in Version Undecided
Due Date Undecided
Votes
Private

Attached to Project: Flyspray - The bug killer!
Opened by peterdd - 10.02.2021
Last edited by peterdd - 10.02.2021

FS#2625 - avoid password manager popups in admin prefs area

We must teach browsers not to use some input fields in the admin prefs area to offer to store it in their password manager.

Steps to reproduce:

Login with Firefox as admin into Flyspray. (Maybe other browsers behave same)
Go to admin prefs area (top right gear icon)
Click link somewhere else (so leaving admin prefs page)
Firefox browser pops up password manager as it detected some password input fields on admim prefs setting page. But in this case this is not wanted.

Either by using different input field names where the browser does not assume it is a login password field or find input field attribute to tell them.

auto-complete="off"

is not working anymore in browsers for password fields.

webbrowser: Firefox 85.0.2

Popup probably triggered by the password fields for configuring Email and XMPP notification: smtp_pass and jabber_password input fields. Firefox heuristic is too stupid to detect that these are for server configuration, not user login fields!

Neither