[Koha-bugs] [Bug 25911] New: Chrome tries to save patron passwords

Wed Jul 1 21:58:45 CEST 2020

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25911

            Bug ID: 25911
           Summary: Chrome tries to save patron passwords
 Change sponsored?: ---
           Product: Koha
           Version: 19.11
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Patrons
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: cbrannon at cdalibrary.org
        QA Contact: testopia at bugs.koha-community.org
                CC: gmcharlt at gmail.com, kyle.m.hall at gmail.com

If you are like me, you might have your browser try to save passwords for
sites.  I like having the browser in my office save some of my passwords. 
Logging into Koha is one of them.  However, the problem with this is, every
time I save a form that has a password associated with it, it wants to remember
this password.  This includes patron records.  This is an annoyance.

Now, my testing has been only with Chrome on this particular issue, and my
workaround addresses this to some degree.  So, if there is a more
all-encompassing issue to address or solution, feel free to chime in.

I've been able to work around this annoyance by adding the following to jQuery:

$('#pat_memberentrygen #password,#pat_memberentrygen
#password2').attr('readonly','').attr('onfocus','$(this).removeAttr("readonly");');

This will make the password fields readonly, which Chrome will ignore.  If you
need to edit the field, when you click on it, it will take the readonly
attribute away, and it can be edited.  Left as is, when you save, it will, of
course, try to save the password.  But it will only do so if the password is
edited.  If you leave it untouched, it will not bug you.

I can take this one step further, I add this line to add the readonly
attributes before saving.  Then it won't bug me to save the password at all:

$('#pat_memberentrygen #validate').attr('onmouseover', '$("#pat_memberentrygen
#password,#pat_memberentrygen #password2").attr("readonly","");');

NOTE: Our Save button has the ID of "validate" because I have some validation
code added to the form.  But you get the idea here.  When you hover over the
save button, it adds the readonly attribute, and is ignored by the browser.

I don't know if this helps anyone, or gives anyone an idea how to keep patron
forms from being a nuisance to staff that save credentials, but I thought I
would throw it out here.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.