Access List modal - Authorization tab - autopopulates login credentials

[Nedevski]

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
  • Yes
• Are you sure you're not using someone else's docker image?
  • Yes
• Have you searched for similar issues (both open and closed)?
  • Yes

Describe the bug

When trying to edit IPs in the Access List tab, the Authorization tab gets autopopulated with the login credentials. This occurs even when you don't open the Authorization tab. As a result of that, your Nginx Proxy Manager credentials get saved as Access List user/pass. Because of that, every time you change/add an IP, you have to go in the tab and auto-clear the credentials, otherwise they get saved.

Nginx Proxy Manager Version

v2.11.1

To Reproduce Steps to reproduce the behavior:

1. Have your login user/pass saved in Chrome
2. Go to Access Lists
3. Add or Edit and existing access list.
4. Navigate to the Authorization tab to confirm that the user/pass gets autopopulated
5. If adding - add a single IP, if editing - just click save.
6. Observe that your user has been saved in the access list.

Expected behavior

The fields should not get autopopulated

Screenshots

Operating System

Ubuntu + Docker

Additional context

Chrome 122.0.6261.112

[bluekitedreamer]

This one is a difficult one to solve, the chrome autofill is a "moving target" with regards to it's implementation and compliance of it's own implementation. Everything from the autocomplete to prevent_autofill directives have been observed and then ignored in the past. Some workarounds in the code lead to security vulnerabilities, for example not marking as the password field would unmask the field.

Yet, still, this page doesn't appear to have any exists "blocks" to the autofill functionality.

Easiest workaround it to disable autofill for the page...

[Nedevski]

Yes, but this workaround will prevent me from having my login details autofilled on the login page, which is also not ideal for me, as I have a couple of different instances that I manage. :(

[bluekitedreamer]

workaround - A [procedure] or a temporary fix that [bypasses] a problem and allows the [user] to continue working until a better solution can be provided

Don't like the answer, don't use it...

[bluekitedreamer]

Just load the different instances into profiles and keep them logged in if you have to switch back/forth that often

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: