Related, there is a "bug" in chrome that disabled autocomplete="off" on input elements, marked as won't fix<p><a href="https://bugs.chromium.org/p/chromium/issues/detail?id=587466" rel="nofollow">https://bugs.chromium.org/p/chromium/issues/detail?id=587466</a>
This is not really a Safari-only thing. All password managers that I have used in the past had some kind of heuristic to decide whether a field should be auto-filled or not. Here is a nice explanation by a (former?) 1Password employee (<a href="https://1password.community/discussion/94198/autocomplete-off-for-1pass-suggested-fields" rel="nofollow">https://1password.community/discussion/94198/autocomplete-of...</a>).<p>To me as a web developer (among other things :D) this is quite annoying because password managers often hijack our forms when they decide that the label (or id or classname etc.) sounds suspiciously usernamely, passwordly or credit cardly.
I don't see this as a bug. Password autocomplete is kind of a dumpster fire. It varies, depending on which sites I visit.<p>I use 1Password, with browser integrations (it works better with Safari than Chrome).<p>I don't know most of my passwords; relying on 1Password to access the strings of garbage I autogenerate.<p>So I am <i>constantly</i> using it to fill forms.<p>It keys on things like attached <label>...</label> elements. Not all sites use these. Some sites also sometimes add some kind of junk that causes 1Password to fail.<p>Other times, 1Password insists that the field I just selected needs an autofill; even for non-auth fields.<p>Not really a big deal for me. No one that shouldn't gets my auth, and I ignore the prompt when it is not necessary.
Too much magic if you ask me.<p>There are often two ways you can do something. In this case:<p>- Explicit clean markup and a deterministic GUI or<p>- Tons of heuristics and a magic GUI that works great most of the time but fails in ways that are hard to understand.<p>I feel you get this tradeoff a lot in "clever" systems. Whether it is just finding the main text on a page, blocking ads, doing search, or even self-driving cars: I often prefer the "pedestrian" approach over the "magic" approach. Even if it is a bit less powerful, it is also less surprizing.
Just another day in web development with Safari, I'm not even surprised anymore. I've encountered so many of those "total nonsense" moments.
The assumption here that this is being triggered because Safari assumes any page with this phrase must be a login page sounds plausible (if odd) to me.<p>However, anecdotally I imagine there will be an uptick in sites using similars phrases — as following easing of Covid restrictions around the world even little brick and mortar stores will be making such welcoming statements on/across their homepages. :D
>tries to<p>Maybe “offers to” is a better way of saying this? The way this is being treated makes one thing that it goes ahead and fills in a user name without interaction. Instead it seems that login / password fields are being detected by the browser, which is expected behavior.
Imagine how much code like this is inside our "lightweight" browsers.<p>All the code reviews that passed this on to production make you wonder how competent these browser makers actually are..<p>I think that the browser should not treat every input field as a personal info form for the current user. There are plenty of cases of web apps I can think of where disabling autocomplete is best user experience overall.
There was probably an important website somewhere that had a login page with a shitty markup, and Safari users complained that autofill "doesn't work" there. Garbage markup got a garbage workaround.
Safari seems to be full of such hacks, more such examples in this related story:<p><a href="https://news.ycombinator.com/item?id=26165357" rel="nofollow">https://news.ycombinator.com/item?id=26165357</a>
This is false. Safari does not autofill a password, it merely displays the icon for you to select a password if you choose to. It is still a bug, but there is a huge distinction because in one case you're leaking your password and in the other you're not. The title of this post should be changed. Not sure why posts like this crop up to the top so quickly without people actually understanding what's happening.
Autocomplete is a black box. Trying to build a form that consistently works with Autocomplete is basically just trial and error. There should be a standardized API for this. I understand trying to support pages that weren't built with support but it's frustrating that there is no programmatic way of defining how autofill works with your app.
Livewire's creator here. This problem is so bonkers and such a pain to deal with.<p>For your amusement. Here's the code that was SUPPOSED to fix the bug: <a href="https://github.com/livewire/livewire/blob/0b3feda46a9dd6ad19c6966a0c7d9820d928fe87/js/node_initializer.js#L103-L109" rel="nofollow">https://github.com/livewire/livewire/blob/0b3feda46a9dd6ad19...</a><p><a href="https://github.com/livewire/livewire/blob/0b3feda46a9dd6ad19c6966a0c7d9820d928fe87/src/LivewireManager.php#L200-L205" rel="nofollow">https://github.com/livewire/livewire/blob/0b3feda46a9dd6ad19...</a><p>And here's the podcast I recorded a while back on what a pain it is: <a href="https://laravel-livewire.com/podcasts/ep65-safari-sucks-heres-why" rel="nofollow">https://laravel-livewire.com/podcasts/ep65-safari-sucks-here...</a>
The title is clickbait.<p>Both "welcome back" and "Sign In" show the blue outline around the field and safari asks the user to select a username in the dropdown without actually filling the field. The user needs to actively click on the username for safari to fill the field.<p>I don't see how this is "bad behaviour". Seems like expected behaviour.
I vaguely remember Apple saying they use ML to parse forms... Could be why.<p>Personally I have this weird thing with Safari passwords - there's 2 sites where password dropdown would appear at top left corner for whatever reason.
Inaccurate title. Can we get it changed?<p>It currently gives the _option_ to fill out the login info.<p>The title implies that it fills it automatically.
I just imagine the scenario of someone getting nostalgic for Welcome Back, Kotter, firing up Safari and having this happen on every fan page they try to surf.<p>On the other hand I guess it must also happen on every page that mentions this bug.
I'm wondering if in other languages it would happen too.<p>I don't have safari so I can't try it out but, what if you wrote "bentornato"? Would it also trigger it?
I can see the PM with this story "As a user I want to feel welcome back to my websites hence my login information will be auto-filled if the sites welcome me back"<p>(Though the real issue here seems to be field identification, not the auto-fill)
Anything but following standards and making sure that upon joining the internet new users either know how to use the tools, or know what the consequences can be.<p>I miss netiquette and RTFM
Whats the point of this feature? Even if the username is needed, Safari can't do anything with it if it can't find a form field to put it in.