Autofill has ceased working on QNAP QTS 4.4.2.1270 Login Page

2»

Comments

  • ag_anaag_ana
    1Password Alumni

    :+1: :)

  • Dennis_JDennis_J
    Community Member

    Many thanks for this thread. It was very helpful and there seems to be very little about this on the web.
    I've been meaning to work out why this broke for a while and today was the day!
    I hope you don't mind me adding to it so long after the last post but my Qnap is on version 4.4.3.1421 and the feature still is absent so here is a workaround for the interim.
    From the diagnosis left by @ramblingpolak , I have created a script for Tampermonkey which is a browser extension that edits html on the fly.

    Tampermonkey should be available on your browser extensions page.
    Add this script, adding your nas details. I use a custom port but I think the default is 443 for HTTPS and 8080 for HTTP?
    It just changes the tags to tags and given the right include instructions, will only run on the specific webpages.
    I am afraid it is very crude but I am not a coder.
    The tags are only used once on my qnap but I believe you can add things to the login screen which might use it and be effected.
    I did try to get it to replace the whole line but I got mixed results.
    Maybe someone who knows what they are doing could suggests improvements.

    I just wanted to post this here for the benefit of those in the thread and those who search the thread who clearly find this rather annoying.

    I am using Firefox and I haven't tested it with other browsers.
    Also, I use a different password manager so I haven't tested it with 1password either.
    It is such a simple fix that there is no reason to think it shouldn't work with any of the mainstream combinations.
    Hopefully it a fix will come out soon.

    I'm afraid I can't work out how to stop the forum page trying to format the code but it still comes out useable.

    // ==UserScript==
    // @name         Fix Qnap page
    // @namespace    http://nas-address
    // @version      0.2
    // @description  User Upgrade
    // @author       Me
    // @include      http://nas-address:nas-html-port/*
    // @include      https://nas-address:nas-html-port/*
    // @grant        none
    // ==/UserScript==
    
    (function() {
    
    // Replace textarea with input in the HTML to be compatible with password managers
    
        document.body.outerHTML=document.body.outerHTML.replace("<textarea ",
                                                                   "<input ");
        document.body.outerHTML=document.body.outerHTML.replace("</textarea>",
                                                                   "</input>");
    
    })();
    
  • BenBen AWS Team

    Team Member

    Thanks for the additional information @Dennis_J and for sharing your script. I believe I've fixed the formatting for you. For future reference there is a "code" option under the paragraph formatting selection:

    :+1:

    Ben

  • setec__astronomysetec__astronomy
    Community Member

    It's been a while since I got this from QNAP support, and several firmware updates has come since then:

    Thank you for the reply and clarification.
    I have checked logs with other cases same with you and currently requested for feature request.
    Please note we do not provide the status or timetable for new features.
    I hope in the upcoming FW version, this is already fixed.
    While waiting for the fix version, you may use the workaround for awhile.
    Thank you for your time and support.

    So I contacted them again to see what was up with this issue and now I got this:

    About for the feature request of the 1password autofill in the login form, this feature request is still in discussion.
    For security reason, I'm afraid this feature may not be feasible.
    Thank you for your time and support.

    Yeah.. thanks for the time and support.. security reason my a*s :angry:

  • ag_yaronag_yaron
    1Password Alumni

    Thanks for the update @setec__astronomy .

    Perhaps you should show them this open letter we published (mainly for banks but it looks like it could fit quite well for them): https://blog.1password.com/an-open-letter-to-banks/

    The gist of it is that if they care about their users security, they'll do whatever they can to allow password managers do the dirty work for the user. Whenever a user is required to manually type a username/password in, his security is already lowered/compromised.

  • f2pnt8f2pnt8
    Community Member

    Working JS only Solution

    So this is still annoying me. The previous fix I authored was cumbersome and got reset each time the firmware was updated.

    Here is a working local JS only solution. It will work for all updates unless QNAP modifies the login page - hopefully for the better.

    First, you will need a browser extension to run a local JS on a page.

    • Tampermonkey - all browsers
    • Greasemonkey for Firefox
    • or whatever else you choose

    Second, Create a new script and copy and paste the following code into the extension editor:

    // ==UserScript==
    // @name         Q Login Page Fix
    // @namespace    http://tampermonkey.net/
    // @version      1,0
    // @description  Fix Login Page on QNAP devices to use 1Password Form Submission feature.
    // @author       f2pnt8
    // @match        https://your-qnap-device-ip-or-domain-here
    // @icon         https://www.qnap.com/i/images/favicon/favicon.png
    // @grant        public domain
    // ==/UserScript==
    
    (function() {
        'use strict';
    
        //This code is basically stolen from this Stack Overflow answer:
        // @link https://stackoverflow.com/a/65090521
    
        const $textarea = document.getElementById( 'username' )
        const $pwd = document.getElementById( 'pwd' )
        const $form = document.createElement( 'input' )
        for ( const attr of $textarea.attributes ) {
            $form.setAttribute( attr.name, attr.value )
        }
        $form.setAttribute( "type", "text" )
        $form.setAttribute( "autocomplete", "on" )
        $pwd.setAttribute( "autocomplete", "on" )
        $form.innerHTML = $textarea.innerHTML
        $textarea.replaceWith( $form )
    })();
    

    Last, change the @match section to the domain or IP of your QNAP login page. You can also do this in the Settings section of the plugin:

    What does this do?

    1. This code changes the textarea tag to an input tag.
    2. Makes sure all of the tag attributes remain the same, except...
    3. Changes the autocomplete attribute to ON and...
    4. Sets the input type attribute to text

    I hope this helps.

    :)

  • ag_yaronag_yaron
    1Password Alumni

    Thanks for sharing @f2pnt8 !

  • jelonealjeloneal
    Community Member

    Thanks for the hint with Tampermonkey. Works like a charm. But there is a downside: 2FA field is also not recognized. Any ideas how to fix that with the help of Tampermonkey?

  • ag_yaronag_yaron
    1Password Alumni

    Hey @jeloneal ,

    Can you right-click the 2FA field and select "Inspect", then take a screenshot or copy the HTML part that shows up and post it here? We're specifically looking for that field's HTML code to see what type of field it is, what is its HTML ID and other attributes are.

  • jelonealjeloneal
    Community Member

    I hope that helps!

  • ag_yaronag_yaron
    1Password Alumni
    edited November 2021

    Thanks @jeloneal ,
    Seems like there are absolutely no clues or keywords on that page that indicate this is a 2FA field.

    Can you please try editing your login entry for this page, select the 2FA field's name and change it to scyCode , then save the changes and see if autofill works?
    You might need to try to autofill from the 1Password icon on the top right corner of your browser when you reach that page but I believe it should work.

  • jelonealjeloneal
    Community Member

    Thanks @ag_yaron ! That worked. The first time, I needed to use autofill via the icon. After that, the field seems to get recognized automatically now.

  • ag_yaronag_yaron
    1Password Alumni

    I'm glad to hear it! :chuffed: :+1:

This discussion has been closed.