Uploaded image for project: 'SR for Jira - Development'
  1. SR for Jira - Development
  2. SRJIRA-4310

Stop Browser's treating Bearer token field in "Post a message to Slack" built-in script as a password field

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Triage
    • Priority: Low
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Built-in Scripts
    • Labels:
      None
    • Critical Points:
      0

      Description

       

      When you open an existing or new "Post a message to Slack" built-in script the browser treats the "Bearer token" field as a password field, which is great as it masks the password, however, if you have auto-fill enabled it can potentially overwrite the user's bearer token quickly without them noticing. This will then break the script.

      So it might be better if we can somehow make this field not allow auto-fill to avoid this problem.

      Steps to reproduce:

      1. Set up your browser to auto-fill passwords on your Jira site
      2. Try to edit a saved "Post a message to Slack" built-in script listener
      3. It may auto-fill the Bearer token field or ask you if you want to fill it from saved passwords. (All my tests ask if I want to auto-fill, but some users have reported their browsers auto-fill without user interaction on the bearer token field, but after they change another field on the form.)

       

       

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            mclark Matthew Clark
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: