Status: Closed (View Workflow)
Environment:classic login form (before 2.128), regular "Save" form submission buttons on the classic UI
Released As:Jenkins 2.173 to 2.201, removed from 2.202, 2.289 released Apr 20, 2021
HTML spec [|https://w3c.github.io/uievents/#trusted-events] says "Most untrusted events will not trigger default actions, with the exception of the click event.". Now Firefox doesn't comply with the spec. When I try to fix the bug [|https://bugzilla.mozilla.org/show_bug.cgi?id=1370630], a regression has happened on all Jenkins websites. Users can't login Jenkins websites with Firefox anymore. After some experiments, it seems the Jenkins websites detect the browser's user agent and use untrusted 'submit' event to start form submission when the current browser is Firefox. Changing the UA of Chrome to the same string as Firefox also block the form submission.
The steps I used to reproduce this problem
- Change UA to the same string as Firefox
- Navigate https://jenkins.qa.ubuntu.com/
- Click login
- Enter username/password and press 'log in' button
- Nothing happened
Don't use untrusted events to start form submission on Jenkins websites.