Well, starting today, Patterns of Chaos is starting off in a totally new direction.
If anyone is still following this blog, after 2 years (where did the time go?) of complete inactivity, you’re going to see some big changes. I have decided to go back to the original original idea for this site, the one that gave rise to the name Patterns of Chaos: an organized collection of random thoughts.
I will continue writing about programming, particularly web programming, since that remains a topic of great interest to me. But in addition, and most likely more so (at least in the near-term), I will be writing about all sorts of other matters, from politics to religion to physics to global warming. And in the process, I will
probably almost certainly piss you off. But hopefully, in the process, I will also get you thinking.
Hopefully, this time, I’ll actually remember to sit down and write! For now, I’m off to rework the site a bit.
Looking at my site, I realize that I haven’t written anything at all for months. This, despite having plenty to write about - I have let myself get so caught up with other projects I have neglected what I’m trying to do here.
I know that part of it was due to making a big move - a few months ago, we (my wife and I) decided that it was finally time to make the move we had been talking about for some time, so we packed up and left California, and moved to Clayton, North Carolina.
Moving cross-country is rather time-consuming. It took a couple of trips to the area to look around and find a house, and the move itself took almost two weeks between loading the truck, driving, and unloading. Then after you get moved in, it takes a little while to get settled - which we didn’t really have. We got here about a week before Thanksgiving, and hosted a big Thanksgiving dinner with the entire family (who all live in the area). Of course, Christmas was right on the heels of that, so we really haven’t had the chance to get settled properly.
Now it’s time to reorganize, and hopefully start spending some time on my site again. I still have all the mini-applications I was planning to write, I have promised a few people a simple CMS (Content Management System), and I keep running across things all over the web that are worthy of comment. It’s time to get back to work here.
See everyone in the new year, with some new content!
I was trying to fix a bug today, where saved usernames passwords in Firefox were showing up on other forms, in the wrong fields. Pretty simple, I thought - just change the names of the password fields so they’re different than the login page.
It didn’t work.
Apparently, the new Password Manager is designed to thwart security such as changing the names of the password fields, so the user has to enter the password. It looks for a field of the same name first, but if it doesn’t find one, it will put the password in the first type=password field it finds - and then puts the username in the text field just before that.
I really can’t see how this is good. But it’s not a bug. This was an intentional design decision by the Mozilla foundation:
Firefox stores passwords with this metadata:
domain usernamefield passwordfield username password
Then uses the usernamefield/passwordfield values as hints to find the appropriate <input> elements within a webpage by matching them to the “name” attribute.
Unfortunately this means that when a website redesigns and changes the un/pw field names, the effect on the end user is that the password is “forgotten”.
As a backup, when usernamefield/passwordfield fail to match, Password Manager should attempt to discover the password field manually, using a technique similar to what Camino uses.
While I understand trying to make things easier for your users, sometimes you can go too far. This, I think, is an example of that. It actually causes usability problems. See an example of a problem this can cause here. While this is a contrived example, it should be easy to see how a complex site could easily face these sort of problems.
Personally, I think Firefox needs to rethink this. It is not a good thing.