When changing a password, it silently trims space characters from inside on every value change trigger #5638
Assignees
Labels
site
Area: frontend dashboard
Comments
|
From my understanding of a quick look at the code without cloning or building it looks to me that the problem is with the on Change listener that trims which is added to the password field on the settings page: |
rac2030
added a commit
to rac2030/coder
that referenced
this issue
Jan 9, 2023
…s in the form for new user creation) fixing coder#5638
|
Created a PR removing the OnChange listener as after further inspection of the code base it seems that other forms in coder that set the user password all have no OnChange listener set for the password fields |
|
Thanks for raising the pull-request and the detailed bug report. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If a user is changing his password (SettingsSecurityForm.tsx) and enters a space, it will not be in the value but no error message is displayed that it's an invalid character.
This can result in a user setting a password with spaces in it like "some random sentence" which will result that he actually changed his password to "somerandomsentence" without seeing it. As he can enter that phase with spaces in the confirmation as well and they will match, he will only figure out that he can not login anymore with that password after it has been updated.
If however he copy pastes into the password field, a space character is possible so I'm not sure if the bug is not showing an error message or trimming on every change of the field.
The text was updated successfully, but these errors were encountered: