Android 5.0.2 web view password field does not post password actually typed
I have a simple web page that has a username and password field. If I fill out the username and password field and use the "GO" button on the keyboard the data posts correctly to the server.
But if I don't use the keyboard's GO button and click the "Login" button the the web page the password is sent as ********e for example. It seems like Android WebView has some sort of bug.
I figured this out by outputting the RAW post data from server.
SEE:
This doesn't happen in Chrome on Android or iOS. Just my Android WebView. There is not any javascript on the web page that would cause this. I am just typing a password in.
This is on Android 5.0.2 AND 5.1. It does NOT happen on Android 4.3 in the same app using WebView.
Here is how I start my StoreWebActivity:
Intent intent=new Intent(StoreUrlActivity.this, StoreWebActivity.class);
intent.putExtra("storeUrl", savedStoreUrl);
startActivity(intent);
Here is what I do in onCreate for activity:
this.webView = (WebView)findViewById(R.id.webView);
webView.getSettings().setJavaScriptEnabled(true);
webView.addJavascriptInterface(this, "android");
...
webView.loadUrl(storeUrl);
This simple form has issue for testing (http://chrismuench.com/android_password_bug.php)
<?php
if (isset($_POST['password']))
{
var_dump($_POST['password']);
}
?>
<form action="" method="POST">
<input type="password" name="password">
<input type="submit">
</form>
Here is a bare bones android app with a web view using android studio that shows the bug
Thanks for providing such complete information about this issue. I was able to reproduce it on both Android 5.1 and 6.0. It appears to have been caused by predictions being enabled for password fields in web forms. The fix has been released in v10.2.1, which is available on the Google Play Store.
Google added a separate input type for web form passwords in SDK 11, so I'm surprised we are only seeing this issue now. Something must have changed in Chromium recently, because reverting to Android System WebView version 44.0.2403.117 or earlier seems to fix the issue too.
- Restricting usage for an Android key for a Google API
- Android menu item visibility change in runtime
- Flutter android build issue post flutter update
- Software Components will not be created automatically for Maven publishing from Android Gradle Plugin 8.0
- "drag control" for Android games
- Android Studio stuck on loading devices
- Android gradle plugin 8.1.0 change apk name
- Get single integer from list on click
- No Android SDK found. Try setting the ANDROID_SDK_ROOT environment variable
- License for package Android SDK Platform 29 not accepted
- "Failed to install the following Android SDK packages as some licences have not been accepted" error
- onPageSelected callback for JetPack Compose Pager
- Android Studio Keyboard shortcut control
- Video Overflows from Bottom Sheet When Scrolling
- Get the background color of a button in android
- Simple export and import of a SQLite database on Android
- Image actual height differences
- Access Unity variables in eclipse
- Create pre build event to copy files to assets folder in Android application
- Set background color for the whole app. Android, Jetpack Compose
- I cannot get the permission window to appear using "requestPermissionLauncher.launch(permissions)"
- How can I document or exclude the generated BuildConfig class in my documentation?
- Android 13 How to save image in galery .Net MAUI
- Could not find org.apache.cordova:framework:7.0.0 after removing jcenter() in Android
- How to darken a given color (int)
- Customize android app preview when it is in background with secure flag
- Foreground Service crashing on Android 14
- android studio rebuild error : Unable to find Gradle tasks to build why?
- Thellmund WeekView Library horizontalScrollListener
- FCM notification not received without permission