Duderino2020
Dabbler
- Joined
- Mar 20, 2015
- Messages
- 11
Hello all,
If I log into FreeNAS WebGUI via Firefox, I can close the browser, re-open it and I will be able to open that TAB again and I will already be logged in to FreeNAS with full permissions of that user. No need to enter User/Password. Firefox has not been set to remember the login info. I double checked and those credentials have not been saved. I was able to reproduce this on all of my other PCs.
Firefox was set to "Show your windows and tabs from last time" under OPTIONS. However, even if I disable this, shut everything down, reboot the PC, reopen Firefox and type the IP address, I can use the GUI without entering any U and P credentials. I've tried clearing the web cache and history, purged on filled forms, passwords, shut off all Add-Ons, etc. I even created a new clean profile using Firefox's profile manager to try clean browser tests. In short, I've tested this in every way I could think of and I can replicate it every time.
I tested a long time frame too. I shut the PCs off, went out for over 2 hours meeting clients, returned and turned them on and was still be able to access FreeNAS without logging in because the previous user (root or user I created) that was logged in still works.
I'm not sure if this is a known issue or just me. I also don't know if this is a Firefox issue or a FreeNAS issue, though I suspect this is a Firefox thing. Even so, if it is, I believe FreeNAS should have some sort of way to prevent it, right? I only use Firefox and currently I'm using version 58. This also happened with version 57 too. I don't know if this happens with Chrome, Edge, etc.
Misc. details:
Yes, I searched the forums here. I found nothing.
All PCs running Windows 10 Pro.
I'm connecting to my FreeNAS box via HTTP only. Not using HTTPS yet. Therefore, I've only tested this under HTTP.
All browsers are Firefox 58 and using the same add-ons.
Add-ons are: Disable WebRTC, NoScript, OneTab, UBlock Origin
All OS and all software up to date.
I tested on both FreeNAS 11.1 and 11.1 U1.
My FreeNAS install is basically a clean install using defaults. I've only added some users and datasets. Nothing more complex.
If I log into FreeNAS WebGUI via Firefox, I can close the browser, re-open it and I will be able to open that TAB again and I will already be logged in to FreeNAS with full permissions of that user. No need to enter User/Password. Firefox has not been set to remember the login info. I double checked and those credentials have not been saved. I was able to reproduce this on all of my other PCs.
Firefox was set to "Show your windows and tabs from last time" under OPTIONS. However, even if I disable this, shut everything down, reboot the PC, reopen Firefox and type the IP address, I can use the GUI without entering any U and P credentials. I've tried clearing the web cache and history, purged on filled forms, passwords, shut off all Add-Ons, etc. I even created a new clean profile using Firefox's profile manager to try clean browser tests. In short, I've tested this in every way I could think of and I can replicate it every time.
I tested a long time frame too. I shut the PCs off, went out for over 2 hours meeting clients, returned and turned them on and was still be able to access FreeNAS without logging in because the previous user (root or user I created) that was logged in still works.
I'm not sure if this is a known issue or just me. I also don't know if this is a Firefox issue or a FreeNAS issue, though I suspect this is a Firefox thing. Even so, if it is, I believe FreeNAS should have some sort of way to prevent it, right? I only use Firefox and currently I'm using version 58. This also happened with version 57 too. I don't know if this happens with Chrome, Edge, etc.
Misc. details:
Yes, I searched the forums here. I found nothing.
All PCs running Windows 10 Pro.
I'm connecting to my FreeNAS box via HTTP only. Not using HTTPS yet. Therefore, I've only tested this under HTTP.
All browsers are Firefox 58 and using the same add-ons.
Add-ons are: Disable WebRTC, NoScript, OneTab, UBlock Origin
All OS and all software up to date.
I tested on both FreeNAS 11.1 and 11.1 U1.
My FreeNAS install is basically a clean install using defaults. I've only added some users and datasets. Nothing more complex.