[Pkg-chromium-maint] Bug#724528: chromium: mishandles forms

Neal Murphy neal.p.murphy at alum.wpi.edu
Tue Sep 24 18:12:15 UTC 2013


Package: chromium
Version: 29.0.1547.57-1~deb7u1
Severity: normal

Please note that my comments apply mostly to POST forms where the URL is the
same before and after submission. GET forms that alter the URL clearly can
behave differently.


First situation

A friend informed me that my PMs to him (in a phpBB forum) were doubled. Later
I noticed that my firewall re-performed many actions as I went back through the
page history (using the back button or <ALT><Left>).

When I go back, I expect the page to be redisplayed. I don't expect the browser
to silently resubmit the POST form and cause the action to be taken again. This
could wreak havoc on one's bank accounts.


Second situation

I have also noticed that Chromium is very reluctant to release/clear form data.
Submit a POST form. Click the URL and tap <ENTER>; this should load a fresh,
clean page. Then enter <ALT><F5> or click the reload button. Chromium complains
that it has form data with changes.

When a page is freshly loaded, I expect forms to be cleared.


Third situation

Submit a form. Click Reload. The resulting dialog allows one to resubmit the
form or cancel the action. There is no way to refresh a page if a form was
used.

The reload dialog should also provide an option to freshly load the page
without resubmitting the form. Optionally, <SHIFT>-Reload or <SHIFT><ALT><F5>
would be a nice alternative to force a fresh reload without dialog.


Bug #717264 may be tangentially related to this.



-- System Information:
Debian Release: 7.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages chromium depends on:
ii  chromium-inspector  29.0.1547.57-1~deb7u1
ii  gconf-service       3.2.5-1+build1
ii  libasound2          1.0.25-4
ii  libatk1.0-0         2.4.0-2
ii  libc6               2.13-38
ii  libcairo2           1.12.2-3
ii  libcups2            1.5.3-5
ii  libdbus-1-3         1.6.8-1+deb7u1
ii  libexpat1           2.1.0-1
ii  libfontconfig1      2.9.0-7.1
ii  libfreetype6        2.4.9-1.1
ii  libgcc1             1:4.7.2-5
ii  libgconf-2-4        3.2.5-1+build1
ii  libgcrypt11         1.5.0-5+deb7u1
ii  libgdk-pixbuf2.0-0  2.26.1-1
ii  libglib2.0-0        2.33.12+really2.32.4-5
ii  libgnome-keyring0   3.4.1-1
ii  libgtk2.0-0         2.24.10-2
ii  libjpeg8            8d-1
ii  libnspr4            2:4.9.2-1
ii  libnss3             2:3.14.3-1
ii  libnss3-1d          2:3.14.3-1
ii  libpango1.0-0       1.30.0-1
ii  libspeechd2         0.7.1-6.2
ii  libstdc++6          4.7.2-5
ii  libudev0            175-7.2
ii  libx11-6            2:1.5.0-1+deb7u1
ii  libxcomposite1      1:0.4.3-2
ii  libxdamage1         1:1.1.3-2
ii  libxext6            2:1.3.1-2+deb7u1
ii  libxfixes3          1:5.0-4+deb7u1
ii  libxml2             2.8.0+dfsg1-7+nmu1
ii  libxrender1         1:0.9.7-1+deb7u1
ii  libxslt1.1          1.1.26-14.1
ii  libxss1             1:1.2.2-1
ii  xdg-utils           1.1.0~rc1+git20111210-6

chromium recommends no packages.

Versions of packages chromium suggests:
pn  chromium-l10n  <none>

-- no debconf information



More information about the Pkg-chromium-maint mailing list