mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-02-08 03:09:39 +03:00
Ignore password managers on new page name field #4922
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @c0shea on GitHub (Aug 19, 2024).
Describe the feature you'd like
When creating a new page, some password managers (like 1Password and Keeper) try to autofill the page title/name field with an identity or credentials.
Describe the benefits this would bring to existing BookStack users
This would make it less annoying having to either delete what the password manager autofilled or clicking away from pop-up suggestions that the password manager is suggesting.
Can the goal of this request already be achieved via other means?
No. With 1Password, you can tell it to ignore this page, but it's not ephemeral. It only remembers that for the current page load.
Have you searched for an existing open/closed issue?
How long have you been using BookStack?
1 to 5 years
Additional context
To disable the password manager functionality on the page title field, it's as simple as adding the attributes
data-1p-ignoreandclass="keeper-ignore"to the input text field. I see that the new page form uses theresources/views/form/text.blade.phpcommon helper, but I'm not sure how to generically extend that to conditionally add both of those attributes, especially since the class attribute already exists and would need a second value (keeper-ignore) added.@ssddanbrown commented on GitHub (Aug 19, 2024):
Hi @c0shea, Thanks for the suggestion.
I'm really not keen on adding vendor/software/extension-specific elements like that.
I guess we could maybe use less generic field names (
page-nameinstead ofname) but overall I'm not keen on making changes and/or adding complexities (even if minor) to suit decisions or limitations in external specific software.@c0shea commented on GitHub (Aug 19, 2024):
Thanks, @ssddanbrown. I understand not wanting to add support for the never-ending list of vendor software. I like your idea of making the element names less generic (
page-nameetc.) so hopefully the extensions don't recognize them as something they are not.@Hecke29 commented on GitHub (Aug 28, 2024):
Hi, I played around a bit (on book create).
Setting
autocomplete="off"(which would be a considerable thing in my opinion) will prompt 1password to not directly pop up: You'll not get the suggestion-thing at the bottom whilst the clickable Icon on the right stays (but must be clicked in order to get suggestions).When changing
idandnametobook-nameinstead ofname1password will still be there.Additionally changing the content of the label (!) to
Book-{{ trans('common.name') }}will make 1password not recognize this field anymore.If the
id/nameof the input or the label content isName1password will generally recognize the field as "maybe you want your name in here?" which is quite interesting to know.In my opinion the solution with
autocomplete=offwould be totally fine and has a low risk of breaking something. I could implement that?@Hecke29 commented on GitHub (Oct 18, 2024):
@c0shea would you be happy with my described solution?
@c0shea commented on GitHub (Oct 18, 2024):
@Hecke29 that sounds good to me. I can't see why anyone would want their web browser or password manager extension to try to auto fill the page name field.
@Hecke29 commented on GitHub (Oct 24, 2024):
@ssddanbrown is it okay for you to change those kind of inputs to autocomplete=off? I could do it in code just want to be sure it’s something you can see as a valid solution
@ssddanbrown commented on GitHub (Oct 24, 2024):
@Hecke29 It still doesn't feel right to me. If we were making that change based upon the user feedback of normal autocomplete being a common nuisance, I'd be all for it. But we're making the change based upon the dodgy behaviour of an external browser extension, which makes me think this should be the responsibility of 1password.
There is some utility to the native auto-complete, I sometimes use it myself if I need to create a bunch of content with similar names (Sure I could copy/paste, but I don't always think ahead).