Why does 1Password display the Save Login window on pages with no password field?

We have a page in our web app that shows a list (of an object specific to our app) and on each row is a delete link. If I click the link the Save Login (or unlock 1P) dialog is shown and I have to dismiss it to continue. I don't understand why the dialog comes up but is there a way to exempt it?


1Password Version: 6.1
Extension Version: 4.5.5.90
OS Version: OS X 10.10.5
Sync Type: Not Provided
Referrer: forum-search:display save login

Comments

  • Hi @BillSaysThis12 ,

    The Save Login is shown because your web app has a form that appears like a login form. The next time the dialog box appears, click the little gear in the lower left corner and choose "Never Autosave for this site". It shouldn't ask you again after that.

    Cheers,
    Kevin

  • BillSaysThis12
    BillSaysThis12
    Community Member

    Unfortunately I don't want to block the entire site (which is localhost in this case), only this page.

  • littlebobbytables
    littlebobbytables
    1Password Alumni

    Hello @BillSaysThis12,

    Sorry for the slow response. When you mention localhost my first thought is either developer or QA or something like that rather than end user. I could be wrong but if that assumption is correct can I suggest the following.

    1. When 1Password asks save a new Login item.
    2. Enable the option Copy JSON in the Advanced tab of 1Password's preferences.
    3. Select the Login item in 1Password and use the keyboard shortcut ⌥⌘J to copy the Extension JSON to your clipboard.
    4. Paste into your preferred text editor.

    What you will see is a dictionary titled secureContents and inside there an array titled fields. Each one represents an element recorded by 1Password when scanning the document. If you do a search for the string "type": "P" does it return any results? If it does then the id field in that same dictionary will contain the HTML ID of the item we found. Hopefully this will give some insight as to why we believe it may be a login form.

    Unfortunately there isn't a way to exempt a single page, it works at the domain level. The above though is based on the possibility that maybe the design can be tweaked so we don't see a form. I only know a small part of how the extension works but my understanding is we look to see if a submit action has taken place and then to see if here is a login form which for us means the presence of a password field.

    Could any of this be useful in tracking down why?

This discussion has been closed.