New issue
Advanced search Search tips

Issue 895952 link

Starred by 1 user

Issue metadata

Status: Assigned
Owner: ----
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug



Sign in to add a comment

Manual password generation not offered on spotify.com with Autofill=disabled

Project Member Reported by nepper@chromium.org, Oct 16

Issue description

As per jschuh's report:

Chrome Version: 69.0.3497.95 Stable
OS: CrOS

What steps will reproduce the problem?
(0) Confirm that you are signed in to Chrome and password sync is enabled
(1) Disable autofill from chrome://settings/autofill 
(2) Go to https://www.spotify.com/us/signup/
(3) Put focus on the first password field
(4) Right click

What is the expected result?

Context menu shows "Generate password..." entrypoint

What happens instead?

Password generation is not offered in the context menu.


Please use labels and text to provide additional information.

If this is a regression (i.e., worked before), please consider using the
bisect tool (https://www.chromium.org/developers/bisect-builds-py) to help
us identify the root cause and more rapidly triage the issue.

For graphics-related bugs, please copy/paste the contents of the about:gpu
page at the end of this report.


 
Here's my log with Autofill disabled:

Security origin: https://www.spotify.com/ 
Number of all forms: 2
Form found on page: {
Action : ,
Form name or ID : signup_facebook_form 
}
Form is visible: false
Form found on page: {
Action : ,
Form name or ID : 
}
Form is visible: true
Form is a password form: {
Action : https://www.spotify.com/ ,
New password element : ,
Origin : https://www.spotify.com/ ,
PSL match : false,
Password element : signup_form_password_ ,
Password generated : false,
Scheme : HTML ,
Signon realm : https://www.spotify.com/ ,
Times used : 0,
Username element : signup_form_confirm_email_ 
}
Some control elements not associated to a form element are visible: false
Message: PasswordManager::CreatePendingLoginManagers 
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (before): 2
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (after): 2
Message: PasswordManager::OnPasswordFormsRendered 
Message: PasswordManager::CanProvisionalManagerSave 
Message: No provisional save manager 
Message: Generation invalid PasswordForm 
Message: Generation invalid PasswordForm 
Generation possible account creation forms: 3
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
For comparison, this is my log where the right-click context menu entry is visible despite Autofill being disabled:

Security origin: https://www.spotify.com/ 
Number of all forms: 2
Form found on page: {
Action : ,
Form name or ID : signup_facebook_form 
}
Form is visible: true
Form found on page: {
Action : ,
Form name or ID : 
}
Form is visible: true
Form is a password form: {
Action : https://www.spotify.com/ ,
New password element : ,
Origin : https://www.spotify.com/ ,
PSL match : false,
Password element : signup_form_password_ ,
Password generated : false,
Scheme : HTML ,
Signon realm : https://www.spotify.com/ ,
Times used : 0,
Username element : signup_form_confirm_email_ 
}
Some control elements not associated to a form element are visible: false
Message: PasswordManager::CreatePendingLoginManagers 
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (before): 2
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (after): 2
Message: PasswordManager::OnPasswordFormsRendered 
Message: PasswordManager::CanProvisionalManagerSave 
Message: No provisional save manager 
Message: Generation invalid PasswordForm 
Message: Generation invalid PasswordForm 
Generation possible account creation forms: 3
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
The previous log was for the DE version, here again for the US version (but again, I can't repro: I *do* get the password generation entry point in the context menu):

Security origin: https://www.spotify.com/ 
Number of all forms: 2
Form found on page: {
Action : ,
Form name or ID : signup_facebook_form 
}
Form is visible: false
Form found on page: {
Action : ,
Form name or ID : 
}
Form is visible: true
Form is a password form: {
Action : https://www.spotify.com/ ,
New password element : ,
Origin : https://www.spotify.com/ ,
PSL match : false,
Password element : signup_form_password_ ,
Password generated : false,
Scheme : HTML ,
Signon realm : https://www.spotify.com/ ,
Times used : 0,
Username element : signup_form_confirm_email_ 
}
Some control elements not associated to a form element are visible: false
Message: PasswordManager::CreatePendingLoginManagers 
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (before): 2
SSL errors present: false
IsPasswordManagementEnabledForCurrentPage: true
Number of pending login managers (after): 2
Message: PasswordManager::OnPasswordFormsRendered 
Message: PasswordManager::CanProvisionalManagerSave 
Message: No provisional save manager 
Message: Generation invalid PasswordForm 
Message: Generation invalid PasswordForm 
Generation possible account creation forms: 3
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
Message: Generation: no server signal 
I don't see any difference between Justin's log and mine for the US version. I don't think these logs will help.

Justin, can you drop your variations list from about:version? I'll look into your Finch setup...
Variations
3e006338-3f4a17df
1a0d11d4-2f9febdf
e202a358-65bced95
ebeb14fc-3f4a17df
752a9400-3d47f4f4
b7e2524c-ca7d8d80
8fe39baa-3f4a17df
8502ae4f-ca7d8d80
3095aa95-3f4a17df
7c1bc906-f55a7974
47e5d3db-3d47f4f4
9ca1387e-ca7d8d80
1149accc-65bced95
4dc30737-b8a5ea08
af59fc20-2599138c
c865fdc1-ca7d8d80
15d89564-80f9a33e
ba18e3fd-65bced95
4d1e7834-5aedd793
a582a1b8-ad75ce17
8ee5ed19-ca7d8d80
74658432-ca7d8d80
d0c20ec2-a5e06faa
3042ad4b-ca7d8d80
ebbb4e0a-ca7d8d80
98be3390-54f732d1
267255c3-f4950e99
249dd49a-20131bcc
116c6887-2d9ebb2e
44827ee5-43146c13
88a387d2-ee748cef
8f1e27f-ca7d8d80
edbcf7c5-961c461c
43f62d3b-28165b59
3a0563a1-65222f0b
9e5c75f1-2ad3bd2f
6872f671-991e1e1
f79cb77b-65bced95
2ca9c26b-18152f77
4ea303a6-ecbb250e
6e6e0c7e-3f17a7d8
d92562a9-65bced95
4da5ae82-91c810ef
2c1d398c-3f4a17df
6973a1cf-3f4a17df
cc54eb06-ca7d8d80
58a025e3-36e97b2c
df072bba-ca7d8d80
f242806f-5810b593
4bc337ce-69465896
553edbc3-65bced95
d1466cda-3f4a17df
9a2f4e5b-3fe9c4dc
ddf77e2c-ca7d8d80
1354da85-f1a864dc
17507c76-3d47f4f4
494d8760-52325d43
3ac60855-3ec2a267
f296190c-5840db52
4442aae2-6bdfffe7
ed1d377-e1cc0f14
75f0f0a0-a5822863
e2b18481-7158671e
e7e71889-4ad60575
b1ceb06f-d1372334
3a4029d-ca7d8d80
11bf439-adf06893
81c6897f-3d47f4f4
ea0f933d-ca7d8d80
One more detail: I have Auto Sign-in disabled.
Ok, a first hunch: Two differences between Justin's and my Finch setup:

Justin:
PasswordGeneration-Enabled_Dogfood
PasswordGenerationRequirements-Enabled_Control

me:
PasswordGeneration-Enabled
PasswordGenerationRequirements-Enabled

Thanks, Justin! I can't repro with Auto-sign-in AND Autofill disabled. Looks like I can't make it die ;).

Coming back to Finch: My Finch setup looks broken. I filed https://crbug.com/896048 to track that separately.

PasswordGeneration-Enabled_Dogfood and PasswordGeneration-Enabled are equivalent, so the PasswordGeneration experiment is not the culprit.

PasswordGenerationRequirements-Enabled_Control was removed more than two weeks ago. Not sure why Justin is still in this group.
Cc: -battre@google.com vasilii@google.com
Owner: battre@chromium.org
Over to Dominic: Dominic, I can't easily test if this is related to your requirements experiment on my CrOS Stable machine (no about:flags flag).

Can you confirm if disabling PasswordGenerationRequirements + disabling the Autofill setting makes the "Generate Password..." link vanish from the right-click context menu?
(oh + Auto-Sign-In=disabled as per Justin's report)
Justin could you please do the following:

1) Open tab with chrome://password-manager-internals
2) Open tab with https://www.spotify.com/us/signup/
3) Right click on the password field
4) Copy the *entire* content of chrome://password-manager-internals to this bug

5) Attach the content of chrome://sync-internals/ -> Dump Status

6) Do you have any chrome://flags enabled that are non-default? You could copy the contents of chrome://version/

Thanks.

The decision on whether to show the menu is taken here: https://cs.chromium.org/chromium/src/components/password_manager/core/browser/password_generation_manager.cc?l=122&rcl=2df395c2f7f78530915009c4cb4e0451a2cae5bf
It should record the failure reasons, but I expect that these messages were not copied in your snippet.
Ah... one more thing:
If you have a 3P password manager extension installed, can you please temporarily disable it in chrome://extensions/ as that can disable the Chrome password manager as well via the privacy extensions API.
Looking at https://cs.chromium.org/chromium/src/chrome/browser/password_manager/chrome_password_manager_client.cc?q=password_manager_client.cc&g=0&l=1 I wonder:

- is Automation enabled via a command line flag?
- you're not trying this in Incognito, are you? :)
- I guess we can exclude SSL errors?
- (also not sure about what happens in IsPasswordManagementEnabledForCurrentPage())
Cc: -jsc...@chromium.org battre@chromium.org
Owner: jsc...@chromium.org
Assigning to Justin to make sure he sees Comment 11, Comment 12 and Comment 13. Thanks for your help!
Cc: jsc...@chromium.org
Owner: ----
Sorry, I simply don't have time to follow up. I'm happy to let someone poke at my profile if they're around MTV when I'm in the office, and I'll be out in MUC next month. But this has already consumed far more time than I was expecting it would when I made an offhand comment to Zach.
I am in MTV tomorrow (flying out on Saturday). If that works for you, I'd be happy to take a look.

Sign in to add a comment