autofill populates invisible inputs and you can trick the user to overshare
Reported by
sst...@gmail.com,
Oct 13 2016
|
|
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 Steps to reproduce the problem: Description: http://www.phpied.com/oversharing-with-the-browsers-autofill/ Repro: http://www.phpied.com/files/autocomplete/text.html What is the expected behavior? What went wrong? disclosed more private info than expected Did this work before? N/A Does this work in other browsers? N/A Chrome version: 53.0.2785.143 Channel: n/a OS Version: OS X 10.11.6 Flash Version: Shockwave Flash 23.0 r0 |
|
►
Sign in to add a comment |
|
Comment 1 by spqc...@chromium.org
, Oct 13 2016Labels: -OS-Mac OS-All
Status: Untriaged (was: Unconfirmed)