Firefox autofills password into authorization token field, resulting in Error 401 #630
Open
4 tasks done
Comments
|
Possible cause for a lot of other error 401 issues |
|
Possibly could use an input text element and use the webkit-text-security property. Experimental, but compatible with most browsers. https://developer.mozilla.org/en-US/docs/Web/CSS/-webkit-text-security |
Open
|
Fixed in #631 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Undiscord Version
5.2.3
Browser
Firefox 126
Extension
Greasemonkey
Reproduction steps
Actual results
Password manager will silently and automatically fill the authorization token slot with the password, resulting in an error 401 as it's obviously not a token. Even after attempting to fix the issue by entering the correct token, it results in undefined behavior afterwards. (in one instance, it error 400s no matter what until I restart the browser, and set the delay intervals to null.)
Expected results
Firefox shouldn't fill it in, it should ignore it.
Bug affects
Additional information & file uploads
To emphasize, this happens silently and automatically.
Proposed fix
Find an alternative to the "password" type for the token input html element, or provide more "no-autofill" signals, so password managers don't recognize it, or add a "lock" of sorts.
The text was updated successfully, but these errors were encountered: