mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-03-02 07:11:14 -05:00
33b15cdec6
We keep seeing Chrome: - autofilling the sign in form with a phone number in the email box - autofilling the register form with an email address in the phone number box This is because Chrome tries to autofill what it considers to be a _login_. It detects a login as being: - a password field - preceded by a text input field On the sign in page the password field is preceded by a field which is supposed to receive an email address. On the register page the password field is preceded by a field that’s supposed to receive a phone number. I suspect that this is why it’s missing the two up. The solution to this seems to be to defeat Chrome trying to be clever, and make it autocomplete based on the `name` of the fields instead (we name them sensibly, e.g. `email_address`, `phone_number`). The way to defeat it seems to be sticking a dummy `input` right before the password field on the register page. This dummy input is hidden from the page and from screenreaders, so a user should never know it’s there. but Chrome will autofill it anyway, with whatever wrong value it wants to.