Version: 3.5.1 (using KDE 3.5.1, Debian Package 4:3.5.1-2 (testing/unstable)) Compiler: Target: i486-linux-gnu OS: Linux (i686) release 2.6.15-1-k7 I have been developing a java application and spent some time trying to figure out why the wrong data was being placed in some input fields in an application. That is until I did a View/Document Source. The source of the page shows exactly what I would have expected - where as the screen shows data from some previous invocation of the page. Here is the document source of the page <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!-- Application: usermgr --> <!-- Page: EditUser --> <!-- Generated: Wed Mar 01 22:49:05 GMT 2006 --> <html> <head> <meta name="generator" content="Tapestry Application Framework, version 4.0"/> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/> <base href="http://localhost:8080/usermgr/"/> <title>User Manager</title> <link rel="stylesheet" type="text/css" href="/style/site.css"/> <link rel="stylesheet" type="text/css" href="/style/user.css"/> <link rel="stylesheet" type="text/css" href="[PAGECSSURL]"/> </head> <!-- Copyright (c) 2005,2006 Alan Chandler, licenced under the GPL (see LICENCE.txt file in META-INF directory) --> <!-- Much of the text of the page comes from the application.properties file. If you see items in square brackets where you would expect information, use this item as a key to the message file --> <body> <script type="text/javascript" src="/usermgr/assets/1f7008d3e65882519740d925d6c5a813/org/apache/tapestry/form/Form.js"></script> <script type="text/javascript" src="/usermgr/assets/bb63871f5fc4d226b40d91fd3497b0d5/org/apache/tapestry/form/validator/RegExValidator.js"></script> <div id="bread"> <ul> <li><a href="/">Home</a></li> <li><a href="/usermgr/Home.page">Names Manager</a></li> <li>Edit User Details</li> </ul> </div> <form method="post" action="/usermgr/EditUser,$Border.$Form.do" name="Form" id="Form"> <div style="display:none;"><input type="hidden" name="formids" value="If_0,For,LinkSubmit,Hidden,Hidden_0,userName,password,confirm,email,fullname,Hidden_1,Hidden_0_0,roles,For_0"/> <input type="hidden" name="submitmode" value=""/> <input type="hidden" name="submitname" value=""/> <input type="hidden" name="If_0" value="T"/> <input type="hidden" name="For" value="VSsave"/> <input type="hidden" name="Hidden" value="Scarrie"/> <input type="hidden" name="Hidden_0" value="l180"/> <input type="hidden" name="Hidden_1" value="ZH4sIAAAAAAAAACWOMQ6CQBREPwKaWBmtPYHJYmNhqOzU0BkP8IUVV5fF/F0Q7Kw9gYU3sLS0t/ce3kGQKaaYeZPM4wuuJhhlB5ZSzMIdqkhy2mIiZMkyzSmJiUVocIOas3UVXOfjqcpekxbYS+jknLRIVQCOwoQb6Ad7zNGTqGJvZUio2A/ApVRybaDXlJkR0guENn5xhEZPA+0QiQSv3gxqitUUmxFhWaPF5TO8vfFug7UAR4sz/2+tk1N514CLUSJU8QPMWsL30AAAAA=="/> <input type="hidden" name="Hidden_0_0" value="OrO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAADdwQAAAADdAAGZWRpdG9ydAAJZGV2ZWxvcGVydAAFYWRtaW54"/> <input type="hidden" name="For_0" value="VSeditor"/> <input type="hidden" name="For_0" value="VSdeveloper"/> <input type="hidden" name="For_0" value="VSadmin"/> </div> <!-- Header Section --> <div id="header"> <div id="bars" class="column"> <div id="sitetitle"> <h1>User Manager</h1> </div> <div id="menu"> <ul> <li class="first"><a href="javascript:Tapestry.submit_form('Form', 'LinkSubmit');" id="LinkSubmit">Save Changes</a></li> </ul> </div> </div> <div id="logo" class="column"> </div> </div> <!-- Body --> <div id="content"> <div id="centre" class="column"> <!-- Copyright (c) 2006 Alan Chandler, licenced under the GPL (see LICENCE.txt file in META-INF directory) --> <label for="userName">User Name</label> <input type="text" name="userName" value="carrie" id="userName"/><br/> <label for="password">Password</label> <input type="password" name="password" value="" id="password"/><br/> <label for="confirm">Confirm Password</label> <input type="password" name="confirm" value="" id="confirm"/><br/> <label for="email">Email Address</label> <input type="text" name="email" value="" id="email"/><br/> <label for="fullname">Full Name</label> <input type="text" name="fullname" value="" id="fullname"/><br/> <label for="roles">Current Roles</label> <select name="roles" multiple="multiple" id="roles"> <option value="0">editor</option> <option value="1">developer</option> <option value="2" selected="selected">admin</option> </select> </div> </div> </form> <!-- Footer Section --> <div id="footer"> <div id="copy" class="column"> <p>Unless otherwise stated the content of this site is copyright © 2006 Alan Chandler. Please see <a href="/licence.html">licence conditions</a> for details on copying.</p> </div> <div id="version" class="column"> <p><img src="/images/PoweredByTapestry.gif" width="69" alt="Powered By Tapestry" height="33"></img> Version <ul> <li>site: 6.2.0</li> <li>usermgr: 1.0.0</li> </ul> </p> </div> <div id="webmaster" class="column"><p>Any issues with the site, please contact the <a href="mailto:alan@chandlerfamily.org.uk?subject="Web Site Issues"">Webmaster</a></p></div> </div> <script language="JavaScript" type="text/javascript"><!-- Tapestry.register_form('Form'); Tapestry.onsubmit('Form', function(event) { Tapestry.require_field(event, 'email', 'You must enter a value for null.'); }); Tapestry.onsubmit('Form', function(event) { Tapestry.validate_regex(event, 'email', '\^\\w\[\-\._\\w\]\*\\w\@\\w\[\-\._\\w\]\*\\w\\\.\\w\{2\,6\}\$', 'Invalid email format for null. Format is user@hostname.'); }); Tapestry.set_focus('email'); // --></script></body> </html> <!-- Render time: ~ 17 ms --> In particular the <div id="centre"> shows some text input fields with data produced by my application. However a screenshot shows completely different data as shown here http://www.chandlerfamily.org.uk/photos/d/480-1/EditUserDetailsForm.png There is a small possibility that javascript somehow creates differnent content to the screen shot - except a) Firefox does not show this data, but as I would have expected b) There is no reason to expect it to display this data - where does it come from What worries me is that there is a considerable security risk if konqueror is somehow showing data from elsewhere.
OK - I just found the configuration item which was checked for Autocompletion of forms. That is what I guess is happening here. HOWEVER - I turned it off, and it still fills in the form
Probably because it's no longer saving form data, but it is using what was already there.
Even so, 1) if its turned off, it should be turned off 2)if the server is sending data in the "value" parameter of the input field (which it is in the example above) then it seems strange that the browser should overwrite it.
1) I know, that's why I didn't close the bug report. It is a bug. 2) I've never seen it automatically overwrite fields.
Can't duplicate here. Can you provide a cut down example page and steps you take to reproduce?
On Sunday 05 March 2006 17:58, Ivor Hewitt wrote: > Can't duplicate here. Can you provide a cut down example page and steps you > take to reproduce? I can reproduce it very easily on a dynamic application I have here, but not on the static page I create by viewing the page source (when it is displaying one thing and showing another) and saving it (the same source that I put in the original bug report) as a file. When I then read with konqueror it comes out perfectly. I can't prove it is not the javascript linked to in the page . I will try and find a way to prove whether it is the javascript or not. I suppose its possible, there is a delay between the first render of the page and the subsequent overwriting of the fields (ie I see the correct values, followed about 1/2 sec later with the incorrect values), although that could just as easily be konqueror searching an internal database. [Incidentally - where are these values stored - I tried grepping all of .kde subdirectory for them but they do not appear] There is one other element to the equation, which might be why the static version works whilst the dynamic version does not I have BASIC authentication turned on in Tomcat, and I am entering my name and password just prior to the form comming up in the dynamic application. It may be getting it confused from there.
On Sunday 05 March 2006 20:26, alan@chandlerfamily.org.uk wrote: > I can't prove it is not the javascript linked to in the page . I will try > and find a way to prove whether it is the javascript or not. I suppose its > possible, there is a delay between the first render of the page and the > subsequent overwriting of the fields (ie I see the correct values, followed > about 1/2 sec later with the incorrect values), although that could just as > easily be konqueror searching an internal database. Although I still can't get a static version of the page to fail, I think I have proved it is NOT the javascript. I ran the application that is causing the problem and checked it was displaying the fields for the wrong user. I then shut down both browser and server (to clear any caches on the server). I then manually (ie not through the application) changed the underlying data in the database for the wrong user so that now there is no copy of data as had been displayed known to the server. I then restarted the server and accessed the page as before. When the data in the input fields were overwritten by the browser, it was using the data it had displayed wrongly previously - not the updated version from the database. Since the only place such data could exist is in a cache held by konqueror (or kwallet?) there is no way the javascript could have used it. I have discovered one more aspect of this problem that might help track it down. As you can see from the picture of the form I supplied earlier the form consists of a username field, two password fields, and e-mail and fullname field. There is also a multi-select box. The username, password fields and e-mail are filled in immediately. The fullname field does not update until the first mouse movement.
Dear Bug Submitter, This bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? I am setting the status to NEEDSINFO pending your response, please change the Status back to REPORTED when you respond. Thank you for helping us make KDE software even better for everyone!
Dear Bug Submitter, This is a reminder that this bug has been stagnant for a long time. Could you help us out and re-test if the bug is valid in the latest version? This bug will be moved back to REPORTED Status for manual review later, which may take a while. If you are able to, please lend us a hand. Thank you for helping us make KDE software even better for everyone!
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version? If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Dear Bug Submitter, This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information as soon as possible and set the bug status as REPORTED. Due to regular bug tracker maintenance, if the bug is still in NEEDSINFO status with no change in 30 days the bug will be closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging If you have already provided the requested information, please mark the bug as REPORTED so that the KDE team knows that the bug is ready to be confirmed. Thank you for helping us make KDE software even better for everyone!
This bug has been in NEEDSINFO status with no change for at least 30 days. The bug is now closed as RESOLVED > WORKSFORME due to lack of needed information. For more information about our bug triaging procedures please read the wiki located here: https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging Thank you for helping us make KDE software even better for everyone!