keepassxreboot / keepassxc-browser

KeePassXC Browser Extension
GNU General Public License v3.0

autofill+autosubmit auto-deletes codeberg (gitea) account #1687

Open KiaraGrouwstra opened 2 years ago

KiaraGrouwstra commented 2 years ago

cross-posting issue from gitea.

Expected Behavior

accounts not auto-deleted

Current Behavior

I made an account on codeberg, a public gitea instance. I perused through the account settings, only to be logged out. I found I couldn't log back in -- my account was gone. After a few cycles I found this happened each time I visited /user/settings/account. I then realized this was related to keepassxc + keepassxc-browser. To facilitate automated login, I had enabled the convenience feature to auto-fill and auto-submit forms through it.

Possible Solution

Now, as a user, I find it undesirable to have tools automatically delete my account.

For what it's worth, knowing what happened, I was able to disable the auto-submit feature for the domain of codeberg. I'm new to gitea while I was already using KeepassXC though. It would seem somewhat horrifying to imagine the opposite scenario -- a long-time gitea user switching to KeepassXC (or others) and then finding out it deletes their accounts on gitea instances.

I'm aware this raises questions of responsibility, as this might be avoided in different ways:

Arguably, gitea has made some effort already by having the relevant password input contain the autocomplete="off" attribute. This may well be on the end-user having tools that ignore that. Specifically, the input here is:

<input id="password-confirmation" name="password" type="password" autocomplete="off" required="">

Nevertheless though, I feel that given the weight of the consequences, together with the ease of this mistake, it might be preferable in this case to attempt further steps to prevent such a scenario.

This makes me wonder: what might be the most elegant place and way to resolve such a scenario? Now, I don't feel knowledgeable enough about these tools to answer that question.

Specifically, for me an open question here is: how does keepassxc-browser detect fields to auto-fill anyway? Did it detect this field over the attribute name="password"? Or even over just type="password" or the id id="password-confirmation"? Is there any way we might distinguish between fields that the user may or may not want to automatically fill and submit in the first place?
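As an added illustration of the distinction asked about in this post (example code, not keepassxc-browser's own detection logic, which the thread does not describe): a conservative classifier that honours the site's autocomplete="off" signal and treats confirmation-style password fields as never auto-submittable. The form objects, action paths and field names below are constructed for the example; in an extension the same shape would be built from document.forms.

```javascript
// Fields that re-prompt for an existing password belong to change/delete flows, not logins.
const CONFIRM_RE = /confirm|current|old|retype|delete|verify/i;
// Paths that plausibly host a login form (assumption: typical Gitea/web-app routes).
const LOGIN_PATH_RE = /\/(login|signin|sign-in|session)s?\b/i;

// Constructed from the input element quoted in the issue: the Gitea account-deletion
// form re-asks for the password with autocomplete="off". The action path is assumed.
const DELETE_ACCOUNT_FORM = {
  action: '/user/settings/account/delete',
  fields: [{ id: 'password-confirmation', name: 'password', type: 'password', autocomplete: 'off' }],
};

// Constructed login form at the URL the maintainer suggested restricting the entry to.
const LOGIN_FORM = {
  action: 'https://gitea.com/user/login',
  fields: [
    { id: 'user_name', name: 'user_name', type: 'text' },
    { id: 'password', name: 'password', type: 'password' },
  ],
};

// Decide whether a form may be auto-filled and, separately, auto-submitted.
// Returns { fill, submit, reason } so a UI can explain why submission was withheld.
function classifyForm(form) {
  const fields = form.fields || [];
  const passwords = fields.filter((f) => f.type === 'password');
  const usernames = fields.filter((f) => f.type === 'text' || f.type === 'email');
  if (passwords.length === 0) return { fill: false, submit: false, reason: 'no password field' };

  const blockers = [];
  // autocomplete="off" is the site telling the agent this is not a stored-credential slot.
  if (passwords.some((f) => String(f.autocomplete || '').toLowerCase() === 'off'))
    blockers.push('password field has autocomplete="off"');
  // "password-confirmation", "current-password" etc. are re-entry prompts, not login slots.
  if (passwords.some((f) => CONFIRM_RE.test(`${f.id || ''} ${f.name || ''}`)))
    blockers.push('password field looks like a confirmation prompt');
  if (blockers.length > 0) return { fill: false, submit: false, reason: blockers.join('; ') };

  // Auto-submit only for the classic shape: one username-like field, one password field,
  // on a login-looking endpoint. Anything else may be filled but must be submitted by hand.
  const loginShape = passwords.length === 1 && usernames.length > 0;
  const loginUrl = LOGIN_PATH_RE.test(form.action || '');
  if (loginShape && loginUrl) return { fill: true, submit: true, reason: 'login form' };
  return {
    fill: true,
    submit: false,
    reason: loginShape ? 'action is not a login endpoint' : 'not a single username/password pair',
  };
}
```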

varjolintu commented 2 years ago

Could you elaborate how exactly Auto-Submit leads to an account deletion? Also, can you restrict your entry URL to something like https://gitea.com/user/login so it will only be used for that page with Auto-Submit? What URL are you using now?

KiaraGrouwstra commented 2 years ago

The account deletion is part of a regular form in the account settings in gitea, for me triggered from https://codeberg.org/user/settings/account.

I was using auto-fill and auto-submit globally -- once a user knows that for this site a global enable functions undesirably for this page, they can indeed change the autofill settings. However, in this case, that'd seem arguably too late.

irishgeoff20 commented 1 year ago

codeberg pages forms