Issue 2786: password structure can be known from authorization window
http://code.google.com/p/chromium/issues/detail?id=2786
New issue report by shurik.barinov:
Product Version : 0.2.149.30 (2200)
URLs (if applicable) : n/a
Other browsers tested:
Add OK or FAIL after other browsers where you have tested this issue:
Safari 3: not tested
Firefox 3: ok
IE 7: ok
What steps will reproduce the problem?
1. Any site that requires authorization will pop up a window requesting
username/password. Once password is filled automatically it will be there
masked with *.
2. Double click on password field to the right of all stars.
3. Not the whole password field will be selected, but a chain (see attached
picture).
Examples:
if password is abc*123, then three stars for "123" will be selected.
if password is 123%qwert then "qwert" will be selected.
This discovers the password structure and can make a hack easier.
What is the expected result?
When double clicking to the password field the whole passowrd is selected
What happens instead?
A part of password is selected. This discovers the password structure in
some cases
Please provide any additional information below. Attach a screenshot if
possible.
Attachments:
chrome.PNG 10.0 KB
Issue attributes:
Status: Unconfirmed
Owner: [EMAIL PROTECTED]
Labels: Type-Bug Pri-2 OS-All Area-Unknown
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Chromium-bugs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/chromium-bugs?hl=en
-~----------~----~----~----~------~----~------~--~---
