Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-77026

Autofill error in LTI tool form

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • Minor
    • None
    • 4.0.6
    • Forms Library
    • None
    • MOODLE_400_STABLE

    Description

      The LTI form mod/lti/mod_form.php field "id_password" is incorrectly autofilled by many browsers. It causes that the correct lti key is overwritten by the users password that was entered in the login form.

      This issue regularly occurs with our moodle instances (about 2.700) since 4.0.x and several browsers, e.g. Chrome, Firefox. The problem is not fixed with adding "autocomplete=off" to https://github.com/moodle/moodle/blob/MOODLE_400_STABLE/mod/lti/mod_form.php#L244 because many browsers ignore this attribute-value-setting.

      Changing line 244 to

      $mform->addElement('password', 'password', get_string('password', 'lti'), array("autocomplete" => "off", "readonly" => "readonly", "onfocus" => "this.removeAttribute('readonly');"));

      would fix this issue but this is pretty uncool.

      It would be great if you could fix this issue properly, e.g. by adding a random suffix to the field name "password".

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              koch Andreas Koch
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.