Closed tswfi closed 10 months ago
I think this problem has disappeared. Maybe along some chrome update?
Now that you mention I haven't seen this either in a while.
Tried to replicate but wasn't able to quickly.
Lets close this.
I bet this had something related to do with https://github.com/TampereHacklab/mulysa/commit/5b70ee44d8be551358f8975efb3fd85a678e0b47 or such, which gave elaborate issues on email inking too in certain cases.
Steps to reproduce (chrome mobile, reports of ios safari also acting similar)
New incognito tab Go to site which does sso login against mulysa Go to login Use browser password autofill Click login => csrf error
Cannot reproduce when not using browser autofill. Also lastpass pwd fill does work correctly.
Seems to work fine when going to login page without sso login request.