Watch out for Autocomplete
I ran into a funny problem today that had to do with the Autocomplete feature in Firefox. If I had autocomplete turned off on my computer it would have been very hard to debug this issue, but I quickly realized that autocomplete was the problem.
Suppose you have a backend app to manage users. You have a login for that looks like this:
<label for="username">Username</label> <input type="text" name="username" id="username" />
Now if you also have an edit user form with the same code, autocomplete will fill in the username you used to login with into the username field. This is not a problem if your editing your own username, but if you want to edit someone else, then you have a problem.
So at first I thought I could fix this by changing the
name attribute on the
input tag, but this didn't work. You have to change the
Another way to fix this is to set
autocomplete="off" in your
input tag. But that is a non standard attribute, and breaks HTML validation.
- Turn off autocomplete for credit card input - October 7, 2005
- Blocking Mozilla / Google Prefetch - April 6, 2005
- Where are my ALT tooltips in Firefox - March 11, 2005
Simply place a hidden password field, with no name, at the start of your form - this seems to trick firefox into thinking that this is the main password field, but as there's no name it a) doesn't get set and b) doesn't get submitted!
- SameSite Cookies with IIS
- Facebook API Now Requires Review for user_friends Permission
- Docker Container exited with code 137
- Why is my cron.daily script not running?
- Announcing FuseGuard Version 3
- CFSummit 2017
- Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
- Java 9 Security Enhancements