Wrong credential information is being stored |
||||
Issue descriptionVersion: Version 52.0.2707.2 canary (64-bit) OS: Mac OS X 10.11.4 What steps will reproduce the problem? 1. make sure your password manager doesn't have anything in chrome://settings/passwords for https://legacy-cma-dot-credential-management-sample.appspot.com 2. goto https://legacy-cma-dot-credential-management-sample.appspot.com/signin 3. type whatever id and password and let it fail 4. use Google SignIn and store federated credential using credential management api that should pop up if you are using the version I have written above 5. goto chrome://settings/passwords and see what is stored What is the expected output? Stores credential information for Google Sign In. What do you see instead? Failed id/password credential being stored despite the dialog I saw was for Google Sign In. Please use labels and text to provide additional information.
,
Apr 14 2016
,
Apr 14 2016
hi
,
Apr 14 2016
so is it a program problem
,
Apr 26 2016
The problem is the following: 1.After the user tries first time to login with incorrect credentials with usual sign-in form the submitted form is provisionally saved in renderer in PasswordAutofillAgent::WillSendSubmitEvent. 2.Then when the user tries again with credential API, CredentialManager decides to show SaveBubble 3.Navigation happens and the provisionally saved credentials send to browser from renderer, and since submitted form is not present, it's considered as successful submission and Save Bubble with submitted on login form credentials is shown.
,
May 4 2016
That particular flow was fixed in http://crbug.com/607501 However, there is still a bug that the bubble content may not correspond to what actually is to be saved.
,
May 30 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/355d6281ea88189f7d456c9b81eb3ab9acec25c3 commit 355d6281ea88189f7d456c9b81eb3ab9acec25c3 Author: vasilii <vasilii@chromium.org> Date: Mon May 30 09:27:50 2016 Refresh the password bubble if it's open when the second request comes in (Mac). The background data is updated if a site decides to save a password via the Credential Manager API. However, the bubble content was intact. That is, if user clicked Save then a different (obsolete) credential was stored. BUG= 603427 Review-Url: https://codereview.chromium.org/2018013002 Cr-Commit-Position: refs/heads/master@{#396700} [modify] https://crrev.com/355d6281ea88189f7d456c9b81eb3ab9acec25c3/chrome/browser/ui/cocoa/passwords/passwords_bubble_browsertest.mm [modify] https://crrev.com/355d6281ea88189f7d456c9b81eb3ab9acec25c3/chrome/browser/ui/cocoa/passwords/passwords_bubble_cocoa.mm [modify] https://crrev.com/355d6281ea88189f7d456c9b81eb3ab9acec25c3/chrome/browser/ui/cocoa/passwords/passwords_bubble_cocoa_unittest.mm
,
May 30 2016
,
Nov 29
|
||||
►
Sign in to add a comment |
||||
Comment 1 by mkwst@chromium.org
, Apr 14 2016Owner: vasi...@chromium.org
Status: Assigned (was: Untriaged)