Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-77026

Autofill error in LTI tool form

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Duplicate
    • 4.0.6
    • None
    • Forms Library
    • None
    • MOODLE_400_STABLE

    Description

      The LTI form mod/lti/mod_form.php field "id_password" is incorrectly autofilled by many browsers. It causes that the correct lti key is overwritten by the users password that was entered in the login form.

      This issue regularly occurs with our moodle instances (about 2.700) since 4.0.x and several browsers, e.g. Chrome, Firefox. The problem is not fixed with adding "autocomplete=off" to https://github.com/moodle/moodle/blob/MOODLE_400_STABLE/mod/lti/mod_form.php#L244 because many browsers ignore this attribute-value-setting.

      Changing line 244 to

      $mform->addElement('password', 'password', get_string('password', 'lti'), array("autocomplete" => "off", "readonly" => "readonly", "onfocus" => "this.removeAttribute('readonly');"));

      would fix this issue but this is pretty uncool.

      It would be great if you could fix this issue properly, e.g. by adding a random suffix to the field name "password".

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              koch Andreas Koch
              David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: