Autofill was already a problem in 2.3, but it's worse in 2.5
Now when I create a new post, the "subtitle" gets auto-filled with a username (puzzlingly, not always mine, but that's just browser stupidity, I guess) and the password field gets auto-filled with that username's password.
It's not so bad for me, I can always clear the fields because I know about the problem (although I've been known to forget & the subtitle auto-fill was new in 2.5 so i missed it), but providing endless user support for people who aren't frequent users is a PITA.
I haven't looked at the HTML to see why the subtitle is exciting the browser's attention, but it's pretty obvious why the password field is... Honestly I do not see the need to label this as a type=password field. For a start the risk of over-the-shoulder theft when a solitary blogger creates a solitary blog entry is minuscule. And for next, it just can't be that common that a blog entry, which is kind of by nature a public thing, needs to be individually privatised. And if that *is* a necessity for a minority, OK, but the rest of us shouldn't have to remember to clear out fields that we don't want used. If that password protection is needed it should be a configuration option in settings, for those few who need it. Or make a button "Do you want to add a password to this entry?" so that there's no empty field lying around inviting trouble.
I don't agree that it's a browser issue. That's the environment & it needs to be catered for.
Post 2.5 upgrade autofill problems
Re: Post 2.5 upgrade autofill problems
Hey, are you up to test a possible fix?
In plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php there is ths code on line 387:
replace it with:
For me that stopped chrome from autofilling username in the title field and the password in the password field. Changing the type of the input field from 'password' to 'text' only prevented the password field from being filled, the title still was set.
Note that as mentioned in the other thread, you still have the option to disable the password option in the plugin's settings. But if we can land this patch maybe we can fix this for everyone :)
In plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php there is ths code on line 387:
Code: Select all
<input id="properties_access_pw" name="serendipity[properties][entrypassword]" type="password" autocomplete="off" value="<?php echo serendipity_specialchars($password); ?>">Code: Select all
<input id="properties_access_pw" name="serendipity[properties][entrypassword]" type="password" autocomplete="new-password" value="<?php echo serendipity_specialchars($password); ?>">Note that as mentioned in the other thread, you still have the option to disable the password option in the plugin's settings. But if we can land this patch maybe we can fix this for everyone :)