Toolkit:Password Manager/Debugging

From MozillaWiki
Jump to: navigation, search

The password manager in Firefox includes the ability to log debugging information to the Browser Console, which can be enabled to help diagnose problems. This logging is off by default. Passwords are not shown in the output.

Gathering Debug Logs

Follow the instructions in this video or the written steps in both sections below.

Enable Debug Logging

  1. Enter "about:config" in the URL bar.
  2. You may see a warning screen cautioning you about changing advanced preferences. Click the button to ignore the warning.
  3. Make sure all of the following prefs are set to 'true'. (Find a pref by entering its name in the "Filter" box at the top of the page. Toggle its value by either clicking the ⇌ (Toggle) icon or double-clicking the line.)
    signon.debug
    devtools.browserconsole.contentMessages
    devtools.browserconsole.filter.error
    devtools.browserconsole.filter.warn
    devtools.browserconsole.filter.info
    devtools.browserconsole.filter.log
    devtools.browserconsole.filter.debug
  4. Restart Firefox

View the Logging

  1. To view the logging, open the Browser Console and/or Browser Content Toolbox (for logs related to in-page stuff) from the Tools → Web Developer menu. If you don't see these, follow the instructions on the MDN page to enable it.
    • Note that the above consoles are different than the Web Console that you use for regular web development.
  2. Make sure the log level toggles ("Errors", "Warnings", "Logs", …, "Debug") are all enabled in the Browser Console. "CSS" should ideally be disabled.
  3. Load the problematic web (or about:logins) page in in the browser. You should see messages in the Browser Console like:
LoginManagerContent: onDOMFormHasPassword for https://www.google.com
LoginManager: Counting logins matching host: https://www.google.com, formSubmitURL:  httpRealm: null

All password manager logging contains the string "login" in the prefix so you can type the word "login" in the "Filter output" box of the Browser Console to filter out other content.

To copy/save the logs, right-click in an open area of the console and choose "Export visible messages to" and choose "Clipboard" or "File" depending on which you prefer. Include them as an attachment on your bug report, not in the body of a comment.

Common Problems

Won't auto-fill a saved password

SUMO article Note that auto-fill refers to the field being filled automatically whereas autocomplete refers to completing the field value based on what you have typed so far (usually via the autocomplete dropdown).

  • Logins are not auto-filled in Private Browsing windows. You should still be able to autocomplete the password from the autocomplete dropdown on the username field (if one exists).
  • Logins are not auto-filled on insecure http: documents. Make sure all ancestor frames are https:
  • Logins are not auto-filled in sandboxed documents e.g. <iframe sandbox> or Content-Security-Policy: sandbox;
  • If there are multiple username+password combinations saved for a domain and the username field wasn't pre-filled by the website, Firefox won't know which username/password to use and thus won't auto-fill. Use the autocomplete dropdown to choose the username you would like to use.
  • If the page pre-fills a username field (e.g. using your session/local cookies or with a value attribute used as an old hack for placeholder text), Firefox won't fill in a password if the username field value doesn't match the one saved.
  • The <form>'s action attribute is for a different origin than the action origin that the login was saved for.
  • The field is disabled or readonly
  • The username or password doesn't fit within the maxlength
  • The password field for the form has the autocomplete attribute with a value of "new-password"
  • There are more than 5 password fields in the "form".
  • The login form is loaded into a subframe (e.g. an <iframe>), and it is cross-origin (i.e. not same-origin) with the top level frame.

HTTP Authentication popup not filled in

This is often due to the HTTP "Realm" being different from the stored login. The values the password manager is checking can be seen in the logging. Here's some example output from a successful sign in:

…
LoginManagerPrompter: ===== promptAuth called =====
LoginManager: Searching for logins matching host: "https://intranet.mozilla.org", formSubmitURL: null, httpRealm: Mozilla Corporation - LDAP Login
LoginManager: Checking if logins to "https://intranet.mozilla.org" can be saved.
LoginManagerPrompter: Login unchanged, no further action needed.
…

Won't prompt to save a password

Potential reasons for not getting a prompt to save:

  • The password is already saved. Check about:logins to see if it's already there
  • Make sure "Ask to save logins and passwords for websites." is check in about:preferences#privacy-logins
  • Make sure the website isn't in the "Exceptions…" list of about:preferences#privacy-logins
  • If you are in a private window, the prompt may be dismissed by default and not pop up automatically.