Skip Menu |

This queue is for tickets about the Apache-AuthCookie CPAN distribution.

Report information
The Basics
Id: 108475
Status: resolved
Priority: 0/
Queue: Apache-AuthCookie

People
Owner: Nobody in particular
Requestors: ccolumbu [...] gmail.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Suggestion
Date: Wed, 4 Nov 2015 16:37:54 -0800
To: bug-Apache-AuthCookie [...] rt.cpan.org
From: Chad <ccolumbu [...] gmail.com>
Some browsers look for fields named "username" or "password" to trigger asking the end user if they want to store their user/pass in the browser password DB. Since AuthCookie requires that those fields are called 'credential_0', 'credential_1' the browser does not trigger the "do you want to save" dialog. Is there a way we could make those field names params? Is there already a way to do this and I missed it? -- -Chad
On Wed Nov 04 19:38:03 2015, ccolumbu wrote: Show quoted text
> Some browsers look for fields named "username" or "password" to > trigger asking the end user if they want to store their > user/pass in the browser password DB.
Which browser does it this way out of curiosity? Because this is definitely NOT true for Firefox, Chrome, Safari, and Internet Explorer All of these look merely for a field whose *TYPE* is password, and use the preceding text field as the username. I am prompted to save the username/password in all of those browsers when I fire up apache in the test suite and access the sample page. Note that in order to get prompted to save your username/password you must have a valid form tag, and you cannot have 'autocomplete="off"' on the form or the username/password fields. Possibly you cannot use autocomplete=off anywhere in the login form. Either you are using a different browser than these and it doesn't behave this way, or, you are not being prompted for some other reason. Regards, Michael Schout
Subject: Re: [rt.cpan.org #108475] Suggestion
Date: Wed, 27 Jan 2016 17:51:03 -0800
To: bug-Apache-AuthCookie [...] rt.cpan.org
From: Chad <ccolumbu [...] gmail.com>
I could not get the "save password" dialog to trigger on: Firefox 39.0 on Windows 7 Chrome 47.0.2526.111 m on Windows 7 I read that this is caused by the field name, I don't know how else to verify it. ^C On 1/22/2016 1:53 PM, MSCHOUT via RT wrote: Show quoted text
> <URL: https://rt.cpan.org/Ticket/Display.html?id=108475 > > > On Wed Nov 04 19:38:03 2015, ccolumbu wrote:
>> Some browsers look for fields named "username" or "password" to >> trigger asking the end user if they want to store their >> user/pass in the browser password DB.
> > Which browser does it this way out of curiosity? Because this is definitely NOT true for Firefox, Chrome, Safari, and Internet Explorer All of these look merely for a field whose *TYPE* is password, and use the preceding text field as the username. > > I am prompted to save the username/password in all of those browsers when I fire up apache in the test suite and access the sample page. > > Note that in order to get prompted to save your username/password you must have a valid form tag, and you cannot have 'autocomplete="off"' on the form or the username/password fields. Possibly you cannot use autocomplete=off anywhere in the login form. > > Either you are using a different browser than these and it doesn't behave this way, or, you are not being prompted for some other reason. > > Regards, > Michael Schout >
Subject: Re: [rt.cpan.org #108475] Suggestion
Date: Thu, 28 Jan 2016 00:22:02 -0600
To: bug-Apache-AuthCookie [...] rt.cpan.org
From: Michael Schout <mschout [...] gkg.net>
On 1/27/16 7:51 PM, Chad via RT wrote: Show quoted text
> I read that this is caused by the field name, I don't know how else to verify it.
I assure you its not. Here's a screenshot from Firefox 43 on Windows 7. I also verified with Firefox v31.0 on Win7 and get the same result: Here is the same test from Chrome 48.0: All I did was build the AuthCookie dist from CPAN via: perl Makefile.PL make then start apache with: ./t/TEST -start-httpd It will pick a port number so yours will vary, but mine says: server localhost:8529 started This was on a dev box at 192.168.1.107 on my LAN, so from Windows 7 I browsed to: http://192.168.1.107:8529/docs/protected/get_me.html and logged in with: User: programmer Pw: Hero And I get the "Congratuations you got past AuthCookie!" page and Firefox (and Chrome) offer to save my password. If you want to rule out AuthCookie, thats how you test it. But as you can see, I am unable to reproduce your problem at all. Regards, Michael Schout
Download gifeicef.
image/png 729.4k
gifeicef.
Download eihjhhfi.
image/png 716.7k
eihjhhfi.
Download gbedhjhj.
image/png 733.6k
gbedhjhj.