Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Confusion with password stored in browser when setting up outbound emails #10496

Open
SinergiaCRM opened this issue Aug 7, 2024 · 0 comments
Open

Confusion with password stored in browser when setting up outbound emails #10496

SinergiaCRM opened this issue Aug 7, 2024 · 0 comments
Labels
Type: Bug Bugs within the core SuiteCRM codebase

Comments

@SinergiaCRM
Copy link
Contributor

SinergiaCRM commented Aug 7, 2024
edited
Loading

Issue

It is detected, both in the General Email Configuration view and in the editing view of the Outbound Email module, that if the browser has the password stored, the auto-completion of this field is performed even though the “Change Password” link is being displayed and apparently the password entry type is not part of the form. It is verified that the password entry has the display: none property.

Consequently, if the password saved in the browser is outdated or incorrect, performing the password auto-completion generates an authentication error when sending the test email even though the “Change Password” link is visibly visible.

This behavior can confuse the user since the password is correctly stored in the database but may be incorrectly stored in the browser.

In addition, in the Outbound Email module there is no “Change Password” link and when entering it, the password is also recovered from the browser, causing the possible error when performing the sending test.

This behavior was detected in Google Chrome Version 127.0.6533.72 (Official Build) (64-bit). With Firefox 128.0.3 (64-bit) it does not happen.

Possible Fix

Do not recover the browser password when accessing the Email Settings view or the Edit view of the Outbound Email module

Steps to Reproduce the Issue

  1. Access the Email Settings view and save a first configuration with the correct password. At the same time, save the password in the browser (After clicking on save the record, a dialog box is usually displayed to save the user and password in the browser)
  2. Exit the record and log in again. Click on the Change password button and check that the browser password is recovered.
  3. Go to the Outbound Email module and access the editing view of the system record. Check that the password stored in the browser is recovered in the password field.
  4. Access the browser's password manager and change the password to an incorrect one.
  5. Access the editing view of Email Settings and, with the password input "hidden" and the "Change Password" text displayed, check that the test sending is not carried out correctly
  6. Access the editing view of the Outbound Email system record and check that the recovered password is incorrect when obtaining an authentication error when sending a test email. Also, check that if we change the password, the test sending is carried out correctly

Context

No response

Version

7.14.3

What browser are you currently using?

Chrome

Browser Version

127.0.6533.72 (Official Build) (64-bit)

Environment Information

MySQL, PHP Version 7.4.33

Operating System and Version

Ubuntu 22.04.4 LTS
@SinergiaCRM SinergiaCRM added the Type: Bug Bugs within the core SuiteCRM codebase label Aug 7, 2024
ManuSinergiaCRM pushed a commit to SinergiaTIC/SinergiaCRM that referenced this issue Aug 7, 2024
@SinergiaCRM
Fix salesagility#10496 - Prevent password autofill when setting up em…
dd62299 
…ails
@SinergiaCRM SinergiaCRM mentioned this issue Aug 7, 2024
Open
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Bug Bugs within the core SuiteCRM codebase
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SinergiaCRM