Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-77618

Browsers auto-completing the user's password into admin setting password unmask fields

XMLWordPrintable

    • MOODLE_401_STABLE
    • MOODLE_400_STABLE, MOODLE_401_STABLE
    • MDL-77618-admin-password-autocomplete-MOODLE_401_STABLE
    • MDL-77618-admin-password-autocomplete
    • Hide

      Ideally, reproduce the bug in master first.

      Test it in different browsers (Edge eg Version 111.0.1661.41 (Official build) (64-bit), Chrome, Firefox, Safari...)

      1. Saved user password in the browser password manager
      2. Selected Autofill password
      3. Navigated to /admin/search.php?query=cronremotepassword
      4. Unmasked cronremotepassword
      5. Confirm the password is not autofilled from the browser password manager
      6. Install https://github.com/catalyst/moodle-auth_saml2 :

        git clone https://github.com/catalyst/moodle-auth_saml2.git auth/saml2

      7. In the "New settings - SAML2" page, confirm the auth_saml2 | privatekeypass is not auto-filled from the browser password manager (the default value should be something like [hash][server] (i.e. KMz0ExQJf5CBZ8aw9W2sxgWWPOAtrXY2localhost).
      Show
      Ideally, reproduce the bug in master first. Test it in different browsers (Edge eg Version 111.0.1661.41 (Official build) (64-bit), Chrome, Firefox, Safari...) Saved user password in the browser password manager Selected Autofill password Navigated to /admin/search.php?query=cronremotepassword Unmasked cronremotepassword Confirm the password is not autofilled from the browser password manager Install https://github.com/catalyst/moodle-auth_saml2 : git clone https: //github.com/catalyst/moodle-auth_saml2.git auth/saml2 In the "New settings - SAML2" page, confirm the auth_saml2 | privatekeypass is not auto-filled from the browser password manager (the default value should be something like [hash] [server] (i.e. KMz0ExQJf5CBZ8aw9W2sxgWWPOAtrXY2localhost).

      Follow up from MDL-76478 which fixed formslib. This applies the same markup to password admin settings.

            brendanheywood Brendan Heywood
            brendanheywood Brendan Heywood
            Eric Katchan Eric Katchan
            Sara Arjona (@sarjona) Sara Arjona (@sarjona)
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            3 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours, 50 minutes
                2h 50m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.