linux-traipu team mailing list archive

Thread
Date

[Bug 1775588] Re: bad bot error on autofilled password on chrome

To: linux-traipu@xxxxxxxxxxxxxxxxxxx
From: Valentin Lab <1775588@xxxxxxxxxxxxxxxxxx>
Date: Sat, 06 Nov 2021 23:07:59 -0000
Reply-to: Bug 1775588 <1775588@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

There are numerous report touching a little bit every browser or plugin.
I'm on Firefox 94 now (no plugins), and it is a real pain in the ass to
get through openid request. This honeypot technique seems really flawed
and generate way to many false positive to my understanding from many
legit auto-filler. Its also the first time I'm confronted to this type
of false positive honeypot. So after chrome/chromium/LastPass and now
Firefox, I wonder what will be needed to admit there are probably some
issues with the technique used.

I managed to get through using javascript console:

document.querySelector('form input[type=text]').value = ""

cf:
- https://bugs.launchpad.net/canonical-identity-provider/+bug/1949766
- https://www.youtube.com/watch?v=hcJYEh7NFas

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/1775588

Title:
  bad bot error on autofilled password on chrome

Status in Canonical SSO provider:
  Fix Released
Status in Chromium Browser:
  Fix Released

Bug description:
  When I try to login to my account on Chrome Beta 68.0.3440.14 on
  Android with my pre-filled username and password that are saved into
  Chrome, I get the following message: "Bad bot, go away! Request
  aborted".

  I wish to be able to log in from my smartphone.

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-identity-provider/+bug/1775588/+subscriptions