Autofill has ceased working on QNAP QTS 4.4.2.1270 Login Page

2»

Comments

  • ag_anaag_ana

    Team Member

    :+1::)

  • Many thanks for this thread. It was very helpful and there seems to be very little about this on the web.
    I've been meaning to work out why this broke for a while and today was the day!
    I hope you don't mind me adding to it so long after the last post but my Qnap is on version 4.4.3.1421 and the feature still is absent so here is a workaround for the interim.
    From the diagnosis left by @ramblingpolak , I have created a script for Tampermonkey which is a browser extension that edits html on the fly.

    Tampermonkey should be available on your browser extensions page.
    Add this script, adding your nas details. I use a custom port but I think the default is 443 for HTTPS and 8080 for HTTP?
    It just changes the tags to tags and given the right include instructions, will only run on the specific webpages.
    I am afraid it is very crude but I am not a coder.
    The tags are only used once on my qnap but I believe you can add things to the login screen which might use it and be effected.
    I did try to get it to replace the whole line but I got mixed results.
    Maybe someone who knows what they are doing could suggests improvements.

    I just wanted to post this here for the benefit of those in the thread and those who search the thread who clearly find this rather annoying.

    I am using Firefox and I haven't tested it with other browsers.
    Also, I use a different password manager so I haven't tested it with 1password either.
    It is such a simple fix that there is no reason to think it shouldn't work with any of the mainstream combinations.
    Hopefully it a fix will come out soon.

    I'm afraid I can't work out how to stop the forum page trying to format the code but it still comes out useable.

    // ==UserScript==
    // @name         Fix Qnap page
    // @namespace    http://nas-address
    // @version      0.2
    // @description  User Upgrade
    // @author       Me
    // @include      http://nas-address:nas-html-port/*
    // @include      https://nas-address:nas-html-port/*
    // @grant        none
    // ==/UserScript==
    
    (function() {
    
    // Replace textarea with input in the HTML to be compatible with password managers
    
        document.body.outerHTML=document.body.outerHTML.replace("<textarea ",
                                                                   "<input ");
        document.body.outerHTML=document.body.outerHTML.replace("</textarea>",
                                                                   "</input>");
    
    })();
    
  • BenBen AWS Team

    Team Member

    Thanks for the additional information @Dennis_J and for sharing your script. I believe I've fixed the formatting for you. For future reference there is a "code" option under the paragraph formatting selection:

    :+1:

    Ben

  • It's been a while since I got this from QNAP support, and several firmware updates has come since then:

    Thank you for the reply and clarification.
    I have checked logs with other cases same with you and currently requested for feature request.
    Please note we do not provide the status or timetable for new features.
    I hope in the upcoming FW version, this is already fixed.
    While waiting for the fix version, you may use the workaround for awhile.
    Thank you for your time and support.

    So I contacted them again to see what was up with this issue and now I got this:

    About for the feature request of the 1password autofill in the login form, this feature request is still in discussion.
    For security reason, I'm afraid this feature may not be feasible.
    Thank you for your time and support.

    Yeah.. thanks for the time and support.. security reason my a*s :angry:

  • ag_yaronag_yaron

    Team Member

    Thanks for the update @setec__astronomy .

    Perhaps you should show them this open letter we published (mainly for banks but it looks like it could fit quite well for them): https://blog.1password.com/an-open-letter-to-banks/

    The gist of it is that if they care about their users security, they'll do whatever they can to allow password managers do the dirty work for the user. Whenever a user is required to manually type a username/password in, his security is already lowered/compromised.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file