Login/pw do not fill at bugreport.apple.com

mirv
mirv
Community Member
edited August 2017 in iOS

[Apologies if this has been submitted/discussed before.]

Is this bug reproducible?

yes

Which devices did this bug appear on and is it reproducible on any devices and/or computers?

Reproducible on iPhone 7, iPad Pro 9.7 both running iOS 11 beta 8, with MobileSafari.

It does fill correctly on macOS Safari and 1Password extension.

A quick summary of the bug:
Using 1P 6.8.1 (testflight installed) with iOS 11 beta 8 on an iphone 7, the 1Password extension does not fill the apple id and password at https://bugreport.apple.com.

Detailed, step-by-step list on how to reproduce it:
1. Go to bugreport.apple.com
2. Use share sheet to open 1Password extension.
3. Tap the correct login.

Versions of 1Password you're using on the devices and computers involved

iOS 11 beta 8


1Password Version: 6.8.1
Extension Version: Not Provided
OS Version: iOS 11 beta 8
Sync Type: iCloud

Comments

  • @mirv,

    Thanks for the post, but unfortunately bugreporter.apple.com uses iframes and as a result we are unable to fill in that scenario.

    Rudy

  • mirv
    mirv
    Community Member

    Ok, thanks for the explanation anyway.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Sure thing! I'm not holding my breath, but it's at least possible that Apple will make it possible to fill iframes in Safari in the future — or update their site to not use them (it still surprises me that it does). Until then, copy and paste works at least. Cheers! :)

  • mirv
    mirv
    Community Member

    Yes I was thinking of submitting a bug report to the Apple dev support folks.

  • AGAlumB
    AGAlumB
    1Password Alumni

    @mirv: I'm fairly certain that this is intentional. It's really hard even on the desktop for most users to recognize if a form on a page is being loaded from an external site, which could be malicious. And on mobile devices it's nearly impossible to determine this. So unless Apple comes up with a creative solution, filling into iframes really is a security risk.

This discussion has been closed.