Bug 122947 - Konqueror discloses information from previous pages input fields
Status: RESOLVED WORKSFORME
Alias: None
Product: konqueror
Classification: Applications
Component: khtml
Version: unspecified
Platform: unspecified Linux
Importance: NOR normal
Target Milestone: ---
Assignee: Konqueror Developers
Reported: 2006-03-02 01:00 UTC by alan
Modified: 2023-01-14 05:11 UTC

Description alan 2006-03-02 01:00:45 UTC
Version:           3.5.1 (using KDE 3.5.1, Debian Package 4:3.5.1-2 (testing/unstable))
Compiler:          Target: i486-linux-gnu
OS:                Linux (i686) release 2.6.15-1-k7

I have been developing a Java application and spent some time trying to figure out why the wrong data was being placed in some input fields in an application.  That is until I did a View/Document Source.

The source of the page shows exactly what I would have expected - whereas the screen shows data from some previous invocation of the page.

Here is the document source of the page


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Application: usermgr -->
<!-- Page: EditUser -->
<!-- Generated: Wed Mar 01 22:49:05 GMT 2006 -->
<html>
<head>
<meta name="generator" content="Tapestry Application Framework, version 4.0"/>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/>
<base href="http://localhost:8080/usermgr/"/>
<title>User Manager</title>
<link rel="stylesheet" type="text/css" href="/style/site.css"/>
<link rel="stylesheet" type="text/css" href="/style/user.css"/>
<link rel="stylesheet" type="text/css" href="[PAGECSSURL]"/>
</head>
<!-- Copyright (c) 2005,2006 Alan Chandler, licenced under the GPL (see LICENCE.txt file in META-INF directory) -->
<!-- Much of the text of the page comes from the application.properties file.  If you see items in square
	brackets where you would expect information, use this item as a key to the message file -->

<body>
<script type="text/javascript" src="/usermgr/assets/1f7008d3e65882519740d925d6c5a813/org/apache/tapestry/form/Form.js"></script>
<script type="text/javascript" src="/usermgr/assets/bb63871f5fc4d226b40d91fd3497b0d5/org/apache/tapestry/form/validator/RegExValidator.js"></script>

<div id="bread">
	
 <ul>
   <li><a href="/">Home</a></li>
   <li><a href="/usermgr/Home.page">Names Manager</a></li>
  <li>Edit User Details</li>
 </ul>

</div>


<form method="post" action="/usermgr/EditUser,$Border.$Form.do" name="Form" id="Form">
<div style="display:none;"><input type="hidden" name="formids" value="If_0,For,LinkSubmit,Hidden,Hidden_0,userName,password,confirm,email,fullname,Hidden_1,Hidden_0_0,roles,For_0"/>
<input type="hidden" name="submitmode" value=""/>
<input type="hidden" name="submitname" value=""/>
<input type="hidden" name="If_0" value="T"/>
<input type="hidden" name="For" value="VSsave"/>
<input type="hidden" name="Hidden" value="Scarrie"/>
<input type="hidden" name="Hidden_0" value="l180"/>
<input type="hidden" name="Hidden_1" value="ZH4sIAAAAAAAAACWOMQ6CQBREPwKaWBmtPYHJYmNhqOzU0BkP8IUVV5fF/F0Q7Kw9gYU3sLS0t/ce3kGQKaaYeZPM4wuuJhhlB5ZSzMIdqkhy2mIiZMkyzSmJiUVocIOas3UVXOfjqcpekxbYS+jknLRIVQCOwoQb6Ad7zNGTqGJvZUio2A/ApVRybaDXlJkR0guENn5xhEZPA+0QiQSv3gxqitUUmxFhWaPF5TO8vfFug7UAR4sz/2+tk1N514CLUSJU8QPMWsL30AAAAA=="/>
<input type="hidden" name="Hidden_0_0" value="OrO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAADdwQAAAADdAAGZWRpdG9ydAAJZGV2ZWxvcGVydAAFYWRtaW54"/>
<input type="hidden" name="For_0" value="VSeditor"/>
<input type="hidden" name="For_0" value="VSdeveloper"/>
<input type="hidden" name="For_0" value="VSadmin"/>
</div>
<!--  Header Section -->
<div id="header">
<div id="bars" class="column">
<div id="sitetitle">
<h1>User Manager</h1>
</div>

<div id="menu">
<ul>
<li class="first"><a href="javascript:Tapestry.submit_form('Form', 'LinkSubmit');" id="LinkSubmit">Save Changes</a></li>

</ul>
</div>

</div>
<div id="logo" class="column">
</div>
</div>
<!-- Body -->
<div id="content">




<div id="centre" class="column">
 <!-- Copyright (c) 2006 Alan Chandler, licenced under the GPL (see LICENCE.txt file in META-INF directory)  -->



<label for="userName">User Name</label>
<input type="text" name="userName" value="carrie" id="userName"/><br/>

<label for="password">Password</label>
<input type="password" name="password" value="" id="password"/><br/>
 
<label for="confirm">Confirm Password</label>
<input type="password" name="confirm" value="" id="confirm"/><br/>

<label for="email">Email Address</label>
<input type="text" name="email" value="" id="email"/><br/>

<label for="fullname">Full Name</label>
<input type="text" name="fullname" value="" id="fullname"/><br/>

 
 
 
 <label for="roles">Current Roles</label>
<select name="roles" multiple="multiple" id="roles">
 
  <option value="0">editor</option>
 
  <option value="1">developer</option>
 
  <option value="2" selected="selected">admin</option>
 
</select>
 
</div>



</div>
</form>




<!-- Footer Section -->
<div id="footer">
<div id="copy" class="column">
<p>Unless otherwise stated the content of this site is copyright &copy; 2006 Alan Chandler. Please see
<a href="/licence.html">licence conditions</a> for details on copying.</p>
</div>
<div id="version" class="column">
<p><img src="/images/PoweredByTapestry.gif" width="69" alt="Powered By Tapestry" height="33"></img>
Version
<ul>
<li>site: 6.2.0</li>
<li>usermgr: 1.0.0</li>
</ul>
</p>
</div>
<div id="webmaster" class="column"><p>Any issues with the site, please contact the <a href="mailto:alan@chandlerfamily.org.uk?subject=&quot;Web Site Issues&quot;">Webmaster</a></p></div> 
</div>
<script language="JavaScript" type="text/javascript"><!--
Tapestry.register_form('Form');
Tapestry.onsubmit('Form', function(event) { Tapestry.require_field(event, 'email', 'You must enter a value for null.'); });
Tapestry.onsubmit('Form', function(event) { Tapestry.validate_regex(event, 'email', '\^\\w\[\-\._\\w\]\*\\w\@\\w\[\-\._\\w\]\*\\w\\\.\\w\{2\,6\}\$', 'Invalid email format for null.  Format is user@hostname.'); });
Tapestry.set_focus('email');

// --></script></body>
</html>
<!-- Render time: ~ 17 ms -->



In particular the <div id="centre"> shows some text input fields with data produced by my application.  However a screenshot shows completely different data as shown here

http://www.chandlerfamily.org.uk/photos/d/480-1/EditUserDetailsForm.png

There is a small possibility that javascript somehow creates different content to the screen shot - except

a) Firefox does not show this data, but as I would have expected
b) There is no reason to expect it to display this data - where does it come from

What worries me is that there is a considerable security risk if konqueror is somehow showing data from elsewhere.
Comment 1 alan 2006-03-02 08:06:44 UTC
OK - I just found the configuration item which was checked for Autocompletion of forms.  That is what I guess is happening here.

HOWEVER - I turned it off, and it still fills in the form
Comment 2 Thiago Macieira 2006-03-03 20:00:58 UTC
Probably because it's no longer saving form data, but it is using what was already there.
Comment 3 alan 2006-03-03 21:10:31 UTC
Even so, 

1) if it's turned off, it should be turned off

2) if the server is sending data in the "value" parameter of the input field (which it is in the example above) then it seems strange that the browser should overwrite it.
Comment 4 Thiago Macieira 2006-03-03 22:08:28 UTC
1) I know, that's why I didn't close the bug report. It is a bug.

2) I've never seen it automatically overwrite fields.
Comment 5 Ivor Hewitt 2006-03-05 18:58:16 UTC
Can't duplicate here. Can you provide a cut down example page and steps you take to reproduce?
Comment 6 alan 2006-03-05 21:26:03 UTC
On Sunday 05 March 2006 17:58, Ivor Hewitt wrote:

> Can't duplicate here. Can you provide a cut down example page and steps you
> take to reproduce?


I can reproduce it very easily on a dynamic application I have here, but not 
on the static page I create by viewing the page source (when it is displaying 
one thing and showing another) and saving it (the same source that I put in 
the original bug report) as a file.  When I then read with konqueror it comes 
out perfectly.

I can't prove it is not the javascript linked to in the page.  I will try and 
find a way to prove whether it is the javascript or not.  I suppose it's 
possible, there is a delay between the first render of the page and the 
subsequent overwriting of the fields (ie I see the correct values, followed 
about 1/2 sec later with the incorrect values), although that could just as 
easily be  konqueror searching an internal database.

[Incidentally - where are these values stored - I tried grepping all of .kde 
subdirectory for them but they do not appear]

There is one other element to the equation, which might be why the static 
version works whilst the dynamic version does not. I have BASIC authentication 
turned on in Tomcat, and I am entering my name and password just prior to the 
form coming up in the dynamic application.  It may be getting it confused 
from there.
Comment 7 alan 2006-03-06 09:18:33 UTC
On Sunday 05 March 2006 20:26, alan@chandlerfamily.org.uk wrote:

> I can't prove it is not the javascript linked to in the page.  I will try
> and find a way to prove whether it is the javascript or not.  I suppose it's
> possible, there is a delay between the first render of the page and the
> subsequent overwriting of the fields (ie I see the correct values, followed
> about 1/2 sec later with the incorrect values), although that could just as
> easily be  konqueror searching an internal database.


Although I still can't get a static version of the page to fail, I think I 
have proved it is NOT the javascript.

I ran the application that is causing the problem and checked it was 
displaying the fields for the wrong user.  I then shut down both browser and 
server (to clear any caches on the server).

I then manually (ie not through the application) changed the underlying data 
in the database for the wrong user so that now there is no copy of data as 
had been displayed known to the server.

I then restarted the server and accessed the page as before.  When the data in 
the input fields were overwritten  by the browser, it was using the data it 
had displayed wrongly previously - not the updated version from the database.  
Since the only place such data could exist is in a cache held by konqueror 
(or kwallet?) there is no way the javascript could have used it.


I have discovered one more aspect of this problem that might help track it 
down.  As you can see from the picture of the form I supplied earlier the 
form consists of a username field, two password fields, and e-mail and 
fullname field.  There is also a multi-select box.

The username, password fields and e-mail are filled in immediately.  The 
fullname field does not update until the first mouse movement.
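
The comparison made by hand in comment 7 (what the server put in each field's "value" attribute versus what the browser ends up displaying) can be automated from the page itself. The following is an added example, not part of the bug report and not Konqueror or Tapestry code; the function name findOverwrittenFields and the "shown" values in the sample are assumptions made for illustration.

```javascript
// Added diagnostic sketch (not from the bug report): list form controls whose
// live state differs from the state the server's markup specified.
// `elements` is any iterable of DOM-like controls; in a browser pass
// document.forms['Form'].elements (form name taken from the posted source).
function findOverwrittenFields(elements) {
  const findings = [];
  for (const el of elements) {
    const type = (el.type || '').toLowerCase();
    if (type === 'hidden' || type === 'submit' || type === 'button') continue;
    if (type === 'checkbox' || type === 'radio') {
      if (el.checked !== el.defaultChecked) {
        findings.push({ name: el.name, type, served: el.defaultChecked, shown: el.checked });
      }
    } else if (type.startsWith('select')) {
      // select-one / select-multiple: compare per-option selection state
      for (const opt of el.options) {
        if (opt.selected !== opt.defaultSelected) {
          findings.push({ name: el.name, type, option: opt.value,
                          served: opt.defaultSelected, shown: opt.selected });
        }
      }
    } else if (el.value !== el.defaultValue) {
      // Never echo password contents into a log; record only that they differ.
      const redact = type === 'password';
      findings.push({ name: el.name, type,
                      served: redact ? '<redacted>' : el.defaultValue,
                      shown: redact ? '<redacted>' : el.value });
    }
  }
  return findings;
}

// Constructed sample mirroring the posted form: the server sent userName="carrie"
// and empty password/email fields; the differing live values are invented.
const sampleForm = [
  { name: 'formids', type: 'hidden', defaultValue: 'If_0,For', value: 'If_0,For' },
  { name: 'userName', type: 'text', defaultValue: 'carrie', value: 'someoneelse' },
  { name: 'password', type: 'password', defaultValue: '', value: 'hunter2' },
  { name: 'email', type: 'text', defaultValue: '', value: '' },
  { name: 'roles', type: 'select-multiple', options: [
    { value: '0', defaultSelected: false, selected: false },
    { value: '2', defaultSelected: true, selected: true } ] },
];

console.log(findOverwrittenFields(sampleForm));
```

Because the report describes the overwrite happening about half a second after the first render, and one field only after the first mouse movement, a check like this needs to run after a delay or on a user-input event rather than at load time.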
Comment 8 Andrew Crouthamel 2018-11-06 15:05:25 UTC
Dear Bug Submitter,

This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond.

Thank you for helping us make KDE software even better for everyone!
Comment 9 Andrew Crouthamel 2018-11-17 04:58:20 UTC
Dear Bug Submitter,

This is a reminder that this bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? This bug will be moved back to REPORTED Status for manual review later, which may take a while. If you are able to, please lend us a hand.

Thank you for helping us make KDE software even better for everyone!
Comment 10 Justin Zobel 2022-12-15 05:49:02 UTC
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Comment 11 Bug Janitor Service 2022-12-30 05:22:08 UTC
Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!
Comment 12 Bug Janitor Service 2023-01-14 05:11:13 UTC
This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!