-
Notifications
You must be signed in to change notification settings - Fork 555
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lock's SSO transformation triggers LastPass Chrome extension to autofill repeatedly #1397
Comments
Can you record a video of this? I don't understand what's happening. |
A small screen recording can be downloaded here (15MB). |
Password managers are weeeeeird :) I just submitted a fix, which should be out in the next release. Thanks for reporting it |
Thanks! May I ask when the next release will be? So that we can arrange our release to apply the fix. |
I'm trying to narrow a few extra SSO issues and I to ship everything on Thursday. As always, things might go wrong and dates can change, but those this is the plan right now 😬 |
I just opened the last pr for the SSO issues. I'll cut a new release once both are merged! Thanks for your patience. |
…DOM (#1407) Fix #1397 The issue happened because Lock was REMOVING the password input from the DOM. The fix was to let the input in the DOM, but add a css class that hides the input. Before: ![lastpass](https://user-images.githubusercontent.com/941075/41319427-1d81875a-6e72-11e8-8098-ae387134b8a0.gif) After: ![lastpassok](https://user-images.githubusercontent.com/941075/41319492-55ba43aa-6e72-11e8-8aa9-f079a042e6f4.gif)
Looks like this fix is not in 11.17.2. Just want to ask approximately when will 11.17.3 be release, please? |
Sorry to keep you waiting. The next release is scheduled to happen this week. |
Lock version: 10
Browser: Chrome (tested on Firefox, the issue does not happen on Firefox)
OS: MacOS
When SSO is enabled, Lock will transform to hide the password field when the user-type email matches a domain configured in Auth0. In addition, It will transform to show the password field again when the user starts deleting characters from the email field (domain becomes not matched).
The problem is, if the user installed LassPass Chrome extension, which autofills the email, every time the user updates the email, Lock's transformation triggers LastPass extension to autofill the email field repeatedly. This causes the user cannot update the email field at all, unless the user hit delete furiously.
Here is an example:
LastPass autofills the email, and the domain is matched. The password field is hidden.
If the user hit
delete
, Lock should transform to show the password field as shown in the second image. However, the email is autofilled again. Lock immediately becomes back to the first image.The text was updated successfully, but these errors were encountered: