Bug 236432 - Autofill sets the `value` of an `<input>` with `name="token"` to the user's email address
Status: RESOLVED MOVED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Forms
Version: Safari 15
Hardware: Unspecified macOS 12
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar
Reported: 2022-02-10 00:29 PST by Brody
Modified: 2022-02-10 07:26 PST
Description Brody 2022-02-10 00:29:47 PST
While developing a website I noticed some unusual activity while testing it in Safari.

Given a form such as:

```
<form>
  <input type="hidden" name="token" value="[SOME LONG RANDOM STRING HERE]" autocomplete="off">
  <input type="password" name="password" autocomplete="new-password">
  <input type="password" name="password_confirmation" autocomplete="new-password">
</form>
```

The browser is setting the token to the user's email address. The workaround involved using the `Referer` header when the `User-Agent` matches Safari, but no other browser ran into this issue.
Comment 1 Chris Dumez 2022-02-10 07:25:13 PST
Likely a Safari issue, not a WebKit one. Importing the bug into radar so that it can be sent to the right people.
Comment 2 Radar WebKit Bug Importer 2022-02-10 07:25:24 PST
<rdar://problem/88753523>