Firefox password manager asks to remember password in iframe flow #2373
Comments
|
My proposal:
|
…is in an iframe. Actually simplify the autocomplete=off logic quite a bit. If service=sync, set the `autocomplete=off` attribute on the form instead of the password field. This ensure Firefox does not try to save the form for sync, even if in an iframe. On the password field, only set autocomplete=off iff the password field is toggled to type=text. The addition of `autocomplete=off` is done by JavaScript instead of from within the templates. This allows both the templates and the Views to ignore the autocomplete status. Also fix the password visibility functional tests. We were not returning the promise for the tests! fixes #2373
|
I got some sad news about this: Firefox doesn't respect |
|
Capturing Shane's suggestion from an email thread: perhaps we should expand that regexp to also match "https://accounts.firefox.com/.*service=sync" or similar. It would remain a gross hack, made only slightly grosser by expanding it to cover this new case. |
|
A slightly better approach would be to prevent the save-password prompt from advertising sync when you're at one of these URLs, rather than preventing the save-password prompt entirely. |
|
Opened https://bugzilla.mozilla.org/show_bug.cgi?id=1173688 to track this from the Fx side. |
|
Closing, this was fixed in record time by the Fx team. Thank you @edmoz for working your magic! |
|
It's amazing what happens when we all work together! |
The Firefox password manager does not allow passwords from about:accounts to be saved. The firstrun flow is not about:accounts, hence the password manager asks if the user wants to save their password.
It looks like this behavior can be disabled w/o a Firefox change by adding autocomplete=off to the form element.
cc @ckarlof
ref #2101, #363, #1780, #1788
The text was updated successfully, but these errors were encountered: