提交自动填充(密码输入字段) [英] Submit autofill (password input field)

问题描述

我想使用chrome中的用户脚本/篡改键提交自动填写的密码表单.但是，它不起作用-字段 密码字段一直为空(服务器响应，甚至带有警报消息)，直到窗口由用户实际控制(任何实际的键盘)按下或点击鼠标). 如果您希望用户脚本自动登录而又不将密码硬编码到用户脚本中，这似乎很重要.

I want to submit an autofilled password form using a userscript/tampermonkey in chrome. However it doesn't work - the fields the password field remains empty (server response or even with alert messages) until the window is actually controlled by a user (any actual keyboard press or mouse click). This seems important if you want a userscript to automate logins without hard-coding the passwords into your userscript.

有人对此有一个解释和/或一种解决方法吗?

Does anyone have an explanation for that and/or a workaround?

我尝试了所有我知道的方式来提交表单:.submit()或调度实际的mouseclick事件等

I tried all ways I know to submit the form: .submit() or dispatching an actual mouseclick event, etc

自己尝试:在此处自动保存密码/名称: http://www.htmlcodetutorial.com /forms/_INPUT_TYPE_PASSWORD.html

Try it yourself: Autosave password/name here: http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html

其他信息:Tampermonkey版本3.12.58，chrome版本49.0.2623.110 m，Windows 10 64x.我还尝试停用了chrome中的所有扩展程序.

additional info: Tampermonkey version 3.12.58, chrome Version 49.0.2623.110 m, Windows 10 64x. I also tried deactivating all extensions in chrome.

该页面随附的用户脚本:

Userscript that goes with that page:

// ==UserScript==
// @name         New Userscript
// @namespace    http://tampermonkey.net/
// @version      0.1
// @description  try to take over the world!
// @author       You
// @match        http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html
// @grant        none
// ==/UserScript==

//wait 5s to assert that chrome autofill had enough time to do its thing
setTimeout(function(){document.forms[0].submit()},5000)

循环提交的代码.

loopme()

function loopme() {
    setTimeout(function(){
        //check every second if 'password field' is empty, if not, submit the form
        if(document.forms[0].elements[1].value != ''){
            document.forms[0].submit()
        } else {
           //make count visible
           document.title = "|" + document.title
           //edit: adding an virtual 'click' makes no difference:
           //var mouseClick = new MouseEvent("click");
           //document.body.dispatchEvent(mouseClick);
           loopme()
           }
    },1000)
}

由于此建议(基于Chrome)而导致的密码字段的屏幕截图漏洞. 左:提交前的表单，右:服务器响应.

screenshot of password field because of this suggestion based on a chrome bug. Left: form before submission, right: server response.

运行循环脚本时chrome的(详细)日志文件:

(verbose) logfiles of chrome when running the looping-script:

Navigated to http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html
content: Started (5edc5230-099a-412a-bca4-48c97edb3113, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html)
content: start event processing for 5edc5230-099a-412a-bca4-48c97edb3113 (1 to run)
env: initialized (content, id:5edc5230-099a-412a-bca4-48c97edb3113, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html) 
env: schedule 'New Userscript' for document-idle
env: schedule for later events!
env: first DOMNodeInserted Event!
content: Started (d2f1e833-ce3f-48e8-a81c-cf4a93475a98, nullblank)
content: disable event processing for d2f1e833-ce3f-48e8-a81c-cf4a93475a98
content: Started (6b10cff5-a3a1-4eab-9286-f7e49aaa5952, http://www.htmlcodetutorial.com/forms/_INPUT_TYPE_PASSWORD.html)
content: disable event processing for 6b10cff5-a3a1-4eab-9286-f7e49aaa5952
content: Started (dc4a5836-69a6-4194-a631-ad2354cc6a33, nullblank)
content: disable event processing for dc4a5836-69a6-4194-a631-ad2354cc6a33
env: DOMContentLoaded Event!
content: detected DOMContentLoaded 5edc5230-099a-412a-bca4-48c97edb3113
content: Started (df53f06c-55ba-4398-8a4d-0b41d2fb3f93, nullblank)
content: disable event processing for df53f06c-55ba-4398-8a4d-0b41d2fb3f93
env: execute script New Userscript @ the safe context now!
content: Started (069446ea-3b29-42c4-8c13-9f4f112f6a01, https://googleads.g.doubleclick.net/pagead/html/r20160331/r20151006/zrt_lookup.html)
content: disable event processing for 069446ea-3b29-42c4-8c13-9f4f112f6a01
content: Started (127600e6-61f8-4e15-862a-fe0aaa6e4683, http://s7.addthis.com/static/sh.953eb77977227bfd253ee158.html)
content: disable event processing for 127600e6-61f8-4e15-862a-fe0aaa6e4683
content: Started (b50036dc-266a-4328-92b9-6937c09419e3, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for b50036dc-266a-4328-92b9-6937c09419e3
content: Started (5df2993f-2fc5-4f40-8fa9-aa37c7ffd987, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 5df2993f-2fc5-4f40-8fa9-aa37c7ffd987
content: Started (8f6c166e-6e61-4776-ba28-8caf786704f4, http://tpc.googlesyndication.com/safeframe/1-0-2/html/container.html)
content: disable event processing for 8f6c166e-6e61-4776-ba28-8caf786704f4
content: Started (c9082438-936d-4ba3-b76e-bf7cc9f48bae, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for c9082438-936d-4ba3-b76e-bf7cc9f48bae
content: Started (2439efaa-3ea5-461b-a8a1-25b2be866f1a, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 2439efaa-3ea5-461b-a8a1-25b2be866f1a
content: Started (fdd7347c-3bf8-4e05-a9bb-97e0e26d543e, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for fdd7347c-3bf8-4e05-a9bb-97e0e26d543e
content: Started (5e2a844c-fe1e-4c8d-af07-09b3b1ab272c, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 5e2a844c-fe1e-4c8d-af07-09b3b1ab272c
content: Started (0cef6828-3752-4b05-a8de-68cb90f6b29b, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 0cef6828-3752-4b05-a8de-68cb90f6b29b
content: detected load 5edc5230-099a-412a-bca4-48c97edb3113
content: Started (65ce238d-9bd8-45cd-8d52-8d215ae3fe62, https://googleads.g.doubleclick.net/pagead/ads)
content: disable event processing for 65ce238d-9bd8-45cd-8d52-8d215ae3fe62
content: Started (c3747272-9bf6-4a6b-baf3-d38b7fbb8134, nullblank)
content: disable event processing for c3747272-9bf6-4a6b-baf3-d38b7fbb8134

推荐答案

由于似乎没有人可以回答:这是我在类似主题上找到的最佳答案(没有解释).如果您发现或有更好的信息，请分享...

Since there appears no one can answer: Here's the best answer I found on a similar topic (without an explanation). Please share if you find or have better information...

密码字段不会被填充(通过自动填充)，而无需用户的明确指示，因此无法被javascript访问.

The password-field won't be populated (by autofill) without an explicit instruction from the user and can therefore not be accessed by javascript.

来自 Stackoverflow问题:JavaScript可以访问自动填充的密码吗?

这篇关于提交自动填充(密码输入字段)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！