| Issue 52940: | Auto Complete Failed | |
| 10 people starred this issue and may be notified of changes. | Back to list |
|
Sign in to add a comment
|
Chrome Version : 6.0.472.41
URLs (if applicable) : mail.google.com
Other browsers tested:
Add OK or FAIL after other browsers where you have tested this issue:
Safari 4: Ok
Firefox 3.x: Ok
IE 7: Ok
IE 8: Ok
What steps will reproduce the problem?
1.Just go to Gmail
2.Testing the Auto Complete in Subject
3.
What is the expected result?
Start version 6 of Chrome can't remember anything typed before.
What happens instead?
Didn't show any Auto Complete Suggest.
Please provide any additional information below. Attach a screenshot if
possible.
Comment
1
by
anna...@chromium.org,
Aug 20, 2010
Labels: Feature-Autofill
,
Aug 30, 2010
No, it is not related to Autofill. It is Auto Complete, which browser should remember what we've type previously for example in Gmail subject line.
,
Aug 30, 2010
For example, if typed "Apple" previously, when next time type "A" it should suggest Auto Complete as "Apple". But Chrome 6 having bug on this, it remembers nothing.
,
Aug 30, 2010
It happens on Chrome742.51/ WinXP/ Ubuntu9.04
Labels: -Pri-2 -Area-Undefined Pri-1 Area-UI Regression Mstone-6 ReleaseBlock-Stable OS-All 472-TopIssues
,
Aug 30, 2010
I had 5.0.375.127 and over installed with 6.0.472.51. Looks like the suggestions from 5.0 gets migrated but the auto complete suggestions from 6.0 doesn't show up. Might be related to issue 49980 .
Status: Untriaged
Cc: k...@chromium.org anan...@chromium.org jcive...@chromium.org
,
Aug 30, 2010
I can repro by starting chrome 6.0.472.51 with a clean profile (--user-data-dir="%temp%\fillit") on Vista. Open gmail. Type an email, with subject "This is a test". Send it. Start a second email. Type "T" in the Subject line. EXPECTED: Autocomplete suggestion: [This is a test] ACTUAL: No autocomplete suggestions at all. NOTE: I do get autocomplete suggestions on other forms such as the internal wiki search box and the google account login "email" field that I used to log into Gmail.
Status: Assigned
Owner: jcive...@chromium.org Cc: jhawk...@chromium.org
,
Aug 30, 2010
One of my notebook not even get auto complete suggestions at the google account login "email" field that I used to log into Gmail. But wonder why my other 2 desktop don't have this issue, which with the same specification conditions.
,
Aug 31, 2010
kohyung, Could you please check what Chrome version(about:version) you have on those machines? What OS do these machines have?
,
Aug 31, 2010
I bisected the continuous builds (on Linux). It appears to have been introduced somewhere between r55534 and r55678. http://build.chromium.org/buildbot/continuous/linux/2010-08-09/55534/ http://build.chromium.org/buildbot/continuous/linux/2010-08-10/55678/ A thought: If it's unrelated to unusual attributes on Gmail's subject field, could it perhaps be something funny with how the form is submitted?
,
Aug 31, 2010
r55626 looks promising. http://crrev.com/55626
,
Aug 31, 2010
The issue starts to happen on 6.0.472.36 (Official Build 55963). It works fine until 6.0.472.33 (Official Build 55501).
,
Aug 31, 2010
I confirm r55626 is causing the regression. GMail must be submitting the form from JavaScript and that CL causes us not to store the email subject for Autocomplete. When I remove r55626, it works again. Jay
,
Aug 31, 2010
http://crrev.com/55626 looks like a winner. It was merged to the 472 branch at http://crrev.com/55661, which would have first been released in 472.36. From inferno: Not store autocomplete entries in DB for forms submitted using javascript. Fixes issue 51727
Cc: infe...@chromium.org
,
Aug 31, 2010
Issue 53567 has been merged into this issue.
,
Aug 31, 2010
This is happening on Google Help Forums as well.
,
Aug 31, 2010
Looking into it.
,
Aug 31, 2010
I just copied from our fix in autofill and autofill will be equally affected - http://src.chromium.org/viewvc/chrome?view=rev&revision=53686. James, looks like we had some confusion here, i had recommended hooking up with UserGestureIndicator, and instead we just looked at the javascript submission trigger in http://code.google.com/p/chromium/issues/detail?id=48225. Rethinking on this, this security issue might not be fixable since submit button on such complex sites might not the submit button in form and they will just use javascript to submit form. So, autocomplete or autofill will not have a way to make this distinction. What do you think. Looks like we would need to take back these two bug fixes. there are two issues 1) Autofill bug was significant, since an attacker can mess the entire autofill ui with junk entry and even cause a browser DOS. 2) autocomplete bug is ok since we do have a max restriction on how many entries can go for each field. however, it is still easy spam. it is in public - http://jeremiahgrossman.blogspot.com/2010/07/in-firefox-we-cant-read-auto-complete.html can someone try autofill on a google checkout site, if it works. if the form is simple, it will. otherwise, it will be broken like autocomplete.
Cc: secur...@chromium.org
,
Aug 31, 2010
An urgent plan of action:: 1. Remove the following fixes from 472 a) http://src.chromium.org/viewvc/chrome?view=rev&revision=55661 - Not store autocomplete entries in DB for forms submitted using javascript. b) http://src.chromium.org/viewvc/chrome?view=rev&revision=55662 - Unittest fix. Need to put usersubmitted = true for unittests c) http://src.chromium.org/viewvc/chrome?view=rev&revision=53686 - AutoFill: Record whether the user initiated the form submission and don't save form data if the form was not user-submitted. [This one is bad from a security perspective, i am sad because someone will discover it sooner or later] 2) Reopen the security bugs - 48225, 51727 3) Use UserGestureIndicator when user types in any one of the form fields. Looks like we cannot rely on submit button for complex sites. Need to run the suggestion through Adam. if he agrees, then James can fix it in webkit first and then pick up in chrome. James, David, what do you think ??
Cc: aba...@chromium.org dholl...@chromium.org
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58038
------------------------------------------------------------------------
r58038 | inferno@chromium.org | 2010-08-31 12:16:51 -0700 (Tue, 31 Aug 2010) | 11 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autocomplete_history_manager.cc?r1=58038&r2=58037
Revert 55661 - Merge 55626 - Not store autocomplete entries in DB for forms submitted using javascript.
BUG=51727,52940
Review URL: http://codereview.chromium.org/3149003
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3145007
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3286006
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58039
------------------------------------------------------------------------
r58039 | inferno@chromium.org | 2010-08-31 12:18:11 -0700 (Tue, 31 Aug 2010) | 11 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autocomplete_history_manager_unittest.cc?r1=58039&r2=58038
Revert 55662 - Merge 55632 - Unittest fix. Need to put usersubmitted = true for unittests.
BUG=51727,52940
Review URL: http://codereview.chromium.org/3151006
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3110007
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3276006
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58044
------------------------------------------------------------------------
r58044 | inferno@chromium.org | 2010-08-31 12:27:48 -0700 (Tue, 31 Aug 2010) | 12 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/autofill_manager.cc?r1=58044&r2=58043
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/form_structure.cc?r1=58044&r2=58043
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/form_structure_unittest.cc?r1=58044&r2=58043
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/common/render_messages.h?r1=58044&r2=58043
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/renderer/form_manager.cc?r1=58044&r2=58043
M http://src.chromium.org/viewvc/chrome/branches/472/src/webkit/glue/form_data.h?r1=58044&r2=58043
Revert 53686 - Merge 53350 - AutoFill: Record whether the user initiated the form submission and don't save form data if the form was not user-submitted.
BUG=48225,52940
TEST=none
Review URL: http://codereview.chromium.org/2842062
TBR=jhawkins@chromium.org
Review URL: http://codereview.chromium.org/3063008
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3251007
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58049
------------------------------------------------------------------------
r58049 | inferno@chromium.org | 2010-08-31 12:42:34 -0700 (Tue, 31 Aug 2010) | 35 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebCore/html/HTMLFormElement.cpp?r1=58049&r2=58048
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebCore/html/HTMLFormElement.h?r1=58049&r2=58048
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebKit/chromium/public/WebFormElement.h?r1=58049&r2=58048
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebKit/chromium/src/WebFormElement.cpp?r1=58049&r2=58048
Revert 53685 - Merge 63786 - 2010-07-16 James Hawkins <jhawkins@chromium.org>
Reviewed by Darin Fisher.
[Chromium] Implement WebFormElement::wasUserSubmitted(). This is used to
verify that the user submitted the form instead of JS when saving form
data in AutoFill.
https://bugs.webkit.org/show_bug.cgi?id=42479
* public/WebFormElement.h:
* src/WebFormElement.cpp:
(WebKit::WebFormElement::wasUserSubmitted):
2010-07-16 James Hawkins <jhawkins@chromium.org>
Reviewed by Darin Fisher.
Expose the form submission trigger on the HTMLFormElement object. This
is used to verify that the user submitted the form instead of JS when
saving form data in Chrome AutoFill.
https://bugs.webkit.org/show_bug.cgi?id=42479
No new tests as this is only used by the Chromium WebKit API.
* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::HTMLFormElement):
(WebCore::HTMLFormElement::submit):
(WebCore::HTMLFormElement::reset):
(WebCore::HTMLFormElement::submissionTrigger):
* html/HTMLFormElement.h:
BUG=48225,52940
Review URL: http://codereview.chromium.org/2881040
Review URL: http://codereview.chromium.org/3215013
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58052
------------------------------------------------------------------------
r58052 | inferno@chromium.org | 2010-08-31 12:54:02 -0700 (Tue, 31 Aug 2010) | 38 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebCore/html/HTMLFormElement.cpp?r1=58052&r2=58051
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebCore/html/HTMLFormElement.h?r1=58052&r2=58051
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebKit/chromium/public/WebFormElement.h?r1=58052&r2=58051
M http://src.chromium.org/viewvc/chrome/branches/WebKit/472/WebKit/chromium/src/WebFormElement.cpp?r1=58052&r2=58051
Revert 58049 - Revert 53685 - Merge 63786 - 2010-07-16 James Hawkins <jhawkins@chromium.org>
Reviewed by Darin Fisher.
[Chromium] Implement WebFormElement::wasUserSubmitted(). This is used to
verify that the user submitted the form instead of JS when saving form
data in AutoFill.
https://bugs.webkit.org/show_bug.cgi?id=42479
* public/WebFormElement.h:
* src/WebFormElement.cpp:
(WebKit::WebFormElement::wasUserSubmitted):
2010-07-16 James Hawkins <jhawkins@chromium.org>
Reviewed by Darin Fisher.
Expose the form submission trigger on the HTMLFormElement object. This
is used to verify that the user submitted the form instead of JS when
saving form data in Chrome AutoFill.
https://bugs.webkit.org/show_bug.cgi?id=42479
No new tests as this is only used by the Chromium WebKit API.
* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::HTMLFormElement):
(WebCore::HTMLFormElement::submit):
(WebCore::HTMLFormElement::reset):
(WebCore::HTMLFormElement::submissionTrigger):
* html/HTMLFormElement.h:
BUG=48225,52940
Review URL: http://codereview.chromium.org/2881040
Review URL: http://codereview.chromium.org/3215013
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3279009
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58053
------------------------------------------------------------------------
r58053 | inferno@chromium.org | 2010-08-31 12:55:58 -0700 (Tue, 31 Aug 2010) | 15 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/autofill_manager.cc?r1=58053&r2=58052
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/form_structure.cc?r1=58053&r2=58052
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/form_structure_unittest.cc?r1=58053&r2=58052
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/common/render_messages.h?r1=58053&r2=58052
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/renderer/form_manager.cc?r1=58053&r2=58052
M http://src.chromium.org/viewvc/chrome/branches/472/src/webkit/glue/form_data.h?r1=58053&r2=58052
Revert 58044 - Revert 53686 - Merge 53350 - AutoFill: Record whether the user initiated the form submission and don't save form data if the form was not user-submitted.
BUG=48225,52940
TEST=none
Review URL: http://codereview.chromium.org/2842062
TBR=jhawkins@chromium.org
Review URL: http://codereview.chromium.org/3063008
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3251007
TBR=inferno@chromium.org
Review URL: http://codereview.chromium.org/3258008
------------------------------------------------------------------------
,
Aug 31, 2010
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=58054
------------------------------------------------------------------------
r58054 | inferno@chromium.org | 2010-08-31 13:03:09 -0700 (Tue, 31 Aug 2010) | 5 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/branches/472/src/chrome/browser/autofill/autofill_manager.cc?r1=58054&r2=58053
Remove javascript form submission security check until furthur analysis.
BUG=48225
Review URL: http://codereview.chromium.org/3287006
,
Aug 31, 2010
Both Autofill, Autocomplete fixed now with last checkin 58054. Tested on linux 472.
Cc: m...@chromium.org
,
Aug 31, 2010
I am not familiar with the actual security issue, but I agree: requiring form posts to be user initiated is not going to be an option. When looking in the debugger, it appears that the form submission in the "send email" case in GMail is done with a setTimeout. Like you say, many other sites might be doing things similarly. Jay
,
Aug 31, 2010
Jay, i can only think of one fix (which i will be probably pursing with David) which is if user types in any of form fields, that will initiate a usergesture and we make decisions based on that. We can close this bug since security bugs are reopened and I will track the security fixes from there.
,
Aug 31, 2010
QA team, please dont test it on trunk, that is the reason you are getting different results. The changes are only reverted on 472 which is going to be v6.
Status: Fixed
,
Sep 2, 2010
After updating to 6.0.472.53, my autofill problem on Google Help Groups remains. I describe my situation in Issue 53567 . which was merged into this one.
,
Sep 2, 2010
I dont think the fix is pushed yet. Kerz, it will be pushed next week, right ?
,
Sep 2, 2010
Just verify that not yet solved in 6.0.472.53
,
Sep 2, 2010
So Google updated the stable version from 5 to 6 without fixing the autofill problem? In version 5, autofill worked. Now the stable channel has a non-working autofill on Gmail and Google Help websites.
,
Sep 2, 2010
Doing this like Stable version = Unstable/Beta version.
,
Sep 3, 2010
It's already fixed. Update is coming soon.
,
Sep 3, 2010
Build: 6.0.472.55 OS: XP
Status: Verified
,
Sep 7, 2010
Yes, it is build 6.0472.55. Thank you! But the fix is not in Dev version 7.0.503.0. So when Dev version comes to beta or stable version, I hope it does not overwrite what is already fixed.
,
Sep 7, 2010
@galler96, we haven't reverted the fix from 7.0 Dev channel. We are tracking to fix the issue properly through webkit bug - https://bugs.webkit.org/show_bug.cgi?id=45128 And David is actively working on it. Before v7 stable goes out, we will make sure to fix it.
,
Sep 10, 2010
WebKit fix submitted. Marking this bug fixed, pending WebKit CL landing and roll). https://bugs.webkit.org/show_bug.cgi?id=45128 Note, this applies to 7.0 dev channel only. I'm remarking fixed so QE can verify there once the WebKit patch lands.
Status: Fixed
Owner: dholl...@chromium.org
,
Sep 14, 2010
Issue 55335 has been merged into this issue.
,
Mar 18, 2011
Chrome Version : 6.0.472.41
URLs (if applicable) : mail.google.com
<b>Other browsers tested:</b>
<b>Add OK or FAIL after other browsers where you have tested this issue:</b>
Safari 4: Ok
Firefox 3.x: Ok
IE 7: Ok
IE 8: Ok
<b>What steps will reproduce the problem?</b>
1.Just go to Gmail
2.Testing the Auto Complete in Subject
<b>3.</b>
<b>What is the expected result?</b>
Start version 6 of Chrome can't remember anything typed before.
<b>What happens instead?</b>
Didn't show any Auto Complete Suggest.
<b>Please provide any additional information below. Attach a screenshot if</b>
<b>possible.</b>
Labels: -Regression bulkmove Type-Regression
,
Jun 28, 2011
(No comment was entered for this change.)
Cc: security...@chromium.org
|
| ► Sign in to add a comment |