Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-77026

Autofill error in LTI tool form

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Minor Minor
    • None
    • 4.0.6
    • Forms Library
    • None
    • MOODLE_400_STABLE

      The LTI form mod/lti/mod_form.php field "id_password" is incorrectly autofilled by many browsers. It causes that the correct lti key is overwritten by the users password that was entered in the login form.

      This issue regularly occurs with our moodle instances (about 2.700) since 4.0.x and several browsers, e.g. Chrome, Firefox. The problem is not fixed with adding "autocomplete=off" to https://github.com/moodle/moodle/blob/MOODLE_400_STABLE/mod/lti/mod_form.php#L244 because many browsers ignore this attribute-value-setting.

      Changing line 244 to

      $mform->addElement('password', 'password', get_string('password', 'lti'), array("autocomplete" => "off", "readonly" => "readonly", "onfocus" => "this.removeAttribute('readonly');"));

      would fix this issue but this is pretty uncool.

      It would be great if you could fix this issue properly, e.g. by adding a random suffix to the field name "password".

            Unassigned Unassigned
            koch Andreas Koch
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.