@peterhashair
Description:
Fixes white-label, when modal open password manager autofill the field in the back, update to read-only fields on modal opens. Revert to normal when modal closed.
https://innocraft.atlassian.net/jira/software/projects/L3/boards/20?label=Core&selectedIssue=L3-161
Review
- [ ] Functional review done
- [ ] Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
- [ ] Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
- [ ] Security review done
- [ ] Wording review done
- [ ] Code review done
- [ ] Tests were added if useful/possible
- [ ] Reviewed for breaking changes
- [ ] Developer changelog updated if needed
- [ ] Documentation added if needed
- [ ] Existing documentation updated if needed
@sgiehl I did a screen capture on that one, it seems like autocomplete=off didn't prevent the autofill, but the read-only does, for Bitwarden and another third part password. See the screen capture.
https://user-images.githubusercontent.com/3783072/145738110-eede3d3f-f0d2-4779-a174-2f44d9ed9f0b.mp4
@sgiehl
Yes. It works for my password manager too. But I actually can only repeat my last comment. It works for the tested password managers. But as soon as any password manager is able to set a value for that field it will break again.
Btw. disconnecting the password input from angular would even solve another issue: When the modal is currently opened and you type something into the password field, but click No, the modal will be closed without clearing the password field. Due to this the next click on the save button, will simply use the password typed before, without opening the modal again.
@sgiehl did a simple approach, hopefully that disconnect the password input
@peterhashair That wasn't what I had in my mind, also it actually changes the behavior. Before the password confirm was only shown when saving some admin configuration. Now it is also shown for user configuration. What I had in mind, was removing the ng-model from the password field and instead fetch/set the value with javascript when it's needed.
Yep. closing this one in favor of the vue PR.