Open DonnKey opened 3 years ago
varjolintu
commented
3 years ago I'm not certain what the actual problem here is, as I can fill the credentials normally for the page. The green diamond only means there's newer KeePassXC version available.
Can you record a screen video that shows the problem?
DonnKey
commented
3 years ago I've attached a (very boring) video showing a repeated behavior of it not working (at all). The video capture did not capture the popup window when I clicked on the KeePass icon at the upper right. When you see the cursor moving around the upper right, I'm clicking on the "Reload This Page" button (and then it proceeds to the screen explaining "Health Safe Id", rather than reloading... blame the website for that).
Here's the popup that's invisible in the video, so there's no ambiguity. Hovering over the KeePass icon yields the "KeePassXC-Browser wants access to this site" message.
[image: image.png]
This appears to be a timing issue... I've noticed that I have to occasionally "Reload this Page" on other websites than the ones discussed here... that's not a problem since other websites really do reload the page, and everything works fine. However, these websites don't reload the page with login/password fields, so that doesn't fix what it's supposed to fix.
More details: First of all, I did confirm that when I'm at the username/password ('hsid11' in the URL) screen, Alt-S-U works as expected, so the database seems fine.
Next: There are several websites that share that same username/password ('hsid11') screen. At least: https://www.optumrx.com/public/landing (the one I'm using in the video) and https://www.medicare.uhc.com/AARP . That will prove relevant.
I start new tabs to log in via the URL column in KeePass. When you see a new tab appear in the video, that's what's happening (on another screen).
I started playing with this using the AARP website. It worked sort-of correctly intermittently (~half the time a retry using Chrome would work). When I started to try to capture the video (Win-G), the behavior changed slightly: it still reliably failed the first time (from KeePass), but when I clicked (Chrome's) back arrow after getting to the "What is Health Save ID?" screen, and the "Sign In" again, it reliably worked. (That is, all initial attempts failed, all retries using just Chrome worked reliably.) Something about Win-G being activated changed the timing, I think.
However, for the optumrx/public/landing site, as you can see in the video, it never worked. (Although I believe that had I kept at it long enough it might finally have worked, once!) The difference between the two in terms of what's in the KeePass database is that: (a) optumrx/public... entry has no Additional URL entries. The AARP entry has the Additional URL for https://hsid11.optum.com (which is the login/password screen). (b) optumrx/public... entry uses REF entries for user name and password (referring to the AARP entry). The AARP item has real username/password entries. If I correctly understand what should be happening, the REF entries are irrelevant because when it gets to the login/password (hsid11) screen, it should use the entries for the AARP database entry.
Thus, my guess is that the extra time needed to find the Additional URL when "Sign In" is clicked on the optumrx/public site is sufficient to make something miss a timeout. Or something like that. (The occasional other times this happens would seem to confirm it's timing.)
Note... going directly to the hsid11 screen (without going through the optumrx/public/landing or AARP (or other) screens) doesn't work because some state information somewhere tells it to which website the login will be redirected. (That is, even though you "log in" on the same screen, they are different websites.)
I sympathize... the HSID website setup seems more complex than it should need to be. I wouldn't be surprised that in part the timeout (if it really is that) is coming from Chrome itself.
Donn
On Sun, Jan 17, 2021 at 5:43 AM Sami Vänttinen notifications@github.com wrote:
I'm not certain what the actual problem here is, as I can fill the credentials normally for the page. The green diamond only means there's newer KeePassXC version available.
Can you record a screen video that shows the problem?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/keepassxreboot/keepassxc-browser/issues/1179#issuecomment-761814659, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKS2YT7WJBNVTM6KQ7J3JV3S2LSONANCNFSM4WDAOM4Q .
If I load the login page here, and then click "Sign In", it goes to a login/password page, which is NOT filled in automatically (usually!). When that happens, the KeyPass plugin Icon (upper right of chrome frame) has a green diamond, and clicking on that brings up a popup to reload the page (with the message in the title).
When I do that, the page is completely refreshed to a different (non-login) page explaining "Health-Safe Id". (Chrome's refresh (circular arrow) has the same effect.)
If I fuss with it (lots of retries), every now and then it will work correctly and auto-fill. (Maybe one try in around 10).
Alt-Shift-U does work, so this isn't a blocker, but it is an irritant.
The website's behavior is clearly unfriendly by not reloading the login page, but I'm unsure if the browser plugin should handle this better (when first loading the page) or if it's a website problem. I'm happy to be grumpy at the website, but all I can expect is a bureaucratic response, so if it can be or should be fixed here (with a more responsive audience), I'd be happy to avoid that.
Expected Behavior
Login fields filled in automatically (of course, when so authorized!)
Current Behavior
Does not autofill (most of the time).
Possible Solution
No idea for a proper fix, but if the "Reload..." message is under your control, suggest Alt-Shift-U first. I'm on a "thin straw", 3Mbs download... don't know if that might be relevant or not.
Steps to Reproduce (for bugs)
(Repeat at will... back will take you to the page in step 1.)
Debug info
KeePassXC - 2.6.3 KeePassXC-Browser - 1.7.4 Operating system: Win32 Browser: Chrome/Chromium 87.0.4280.141