Lastpass log-in broken in latest Pale Moon

Talk about code development, features, specific bugs, enhancements, patches, and similar things.
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.

This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.

Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
User avatar
needsmoremusic
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2020-03-27, 22:27

Re: Lastpass log-in broken in latest Pale Moon

Unread post by needsmoremusic » 2020-07-22, 20:22

Moonchild wrote:
2020-07-22, 07:52
Disable the AbortController that was added to 28.11 and it will log in.
Toggle dom.abortController.enabled to false.

I guess there must be some issue with its implementation still; I guess what I added isn't exactly the same implementation like Chrome.

Please note that other websites will fail without it enabled, so there's no solution for this yet, only a workaround by disabling it when you need to go to lastpass
Thanks Moonchild for the above tip. However, I didn't do the above since I'm just turning to Iridium browser where I can copy passwords from Lastpass
Moonchild wrote:
2020-07-22, 07:52

Hello.
Main dev of the Pale Moon web browser here. I know you do not officially support the browser at this time but I'm trying to find out the details of a particular login problem on your website so I can address any implementation error that may have been made. I've narrowed the problem down to the use of the AbortController API on your login page (it's unclear to me why you would need that API for a login form to begin with...) but since there are no further messages given by your website aside from "an unknown error" (and no details in the web developer consoles either that provide any information) I'm hoping you can provide me with some insight into what -exactly- is going wrong here with the login to your site. I'd greatly appreciate your cooperation.[/hide]
Moonchild, thanks so much for writing to Lastpass.com. Maybe they'll investigate what's going on-- let's hope for that. Before I read here your message to Lastpass, I also made another plea to them, asking basically for a PaleMoon-useful Lastpass.

User avatar
Cassette
Lunatic
Lunatic
Posts: 395
Joined: 2015-05-08, 14:30
Location: Wichita, KS

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Cassette » 2020-07-23, 21:07

needsmoremusic wrote:
2020-07-22, 20:22
I didn't do the above since I'm just turning to Iridium browser where I can copy passwords from Lastpass
Did you decide against using the extension?

User avatar
needsmoremusic
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2020-03-27, 22:27

Re: Lastpass log-in broken in latest Pale Moon

Unread post by needsmoremusic » 2020-07-24, 01:26

Cassette wrote:
2020-07-23, 21:07
needsmoremusic wrote:
2020-07-22, 20:22
I didn't do the above since I'm just turning to Iridium browser where I can copy passwords from Lastpass
Did you decide against using the extension?
Cassette, where do I find that extension? I'll check it out and maybe try it if I know where to get it.

User avatar
Baloo
Fanatic
Fanatic
Posts: 167
Joined: 2017-08-24, 15:02

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Baloo » 2020-07-24, 02:23

A recommendation to everyone in this thread instead of using insecure, outdated plugins. Simply use the KeePassXC app. Locally stored passwords, all stored in one file that is easy to transfer to devices. KeePassXC has an auto-type button using Ctrl+Shift+V where you can hit it on any website and automatically type in the password. It works great. Use it over Lastpass.
Image
Image

User avatar
Cassette
Lunatic
Lunatic
Posts: 395
Joined: 2015-05-08, 14:30
Location: Wichita, KS

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Cassette » 2020-07-24, 04:05

needsmoremusic wrote:
2020-07-24, 01:26
Cassette, where do I find that extension? I'll check it out and maybe try it if I know where to get it.
Asked and answered.
Baloo wrote:
2020-07-24, 02:23
Simply use the KeePassXC app.
Your suggestion was already made by another. I would rather use the built in password manager than that option.

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 4942
Joined: 2015-12-09, 15:45
Contact:

Re: Lastpass log-in broken in latest Pale Moon

Unread post by moonbat » 2020-07-24, 04:22

Cassette wrote:
2020-07-24, 04:05
I would rather use the built in password manager than that option.
Don't completely depend on it though. I use Bitwarden - it is open source, has a desktop application as well as a mobile one and can sync between both. The Android app can help you autofill passwords on other apps as well as webpages in your mobile browser.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35402
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Moonchild » 2020-07-24, 08:37

needsmoremusic wrote:
2020-07-22, 20:22
Thanks Moonchild for the above tip. However, I didn't do the above since I'm just turning to Iridium browser where I can copy passwords from Lastpass
Thanks for making me feel like I'm just wasting my time.

*goes back to doing vacation things*
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

User avatar
needsmoremusic
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2020-03-27, 22:27

Re: Lastpass log-in broken in latest Pale Moon

Unread post by needsmoremusic » 2020-07-25, 21:49

Baloo wrote:
2020-07-24, 02:23
A recommendation to everyone in this thread instead of using insecure, outdated plugins. Simply use the KeePassXC app. Locally stored passwords, all stored in one file that is easy to transfer to devices. KeePassXC has an auto-type button using Ctrl+Shift+V where you can hit it on any website and automatically type in the password. It works great. Use it over Lastpass.

Thanks Baloo for this tip.

I found it in the repos for my Linux OS (MX Linux v. 19.2 for 64 bit) and have installed it.

New Tobin Paradigm

Re: Lastpass log-in broken in latest Pale Moon

Unread post by New Tobin Paradigm » 2020-07-25, 21:55

Sigh...
about:addons wrote:What are Add-ons?

Add-ons let you customize Pale Moon with extra functionality or a different look. There are several types of add-ons. Extensions expand the capabilities of the browser, themes allow you to personalize Pale Moon's visual aesthetic, and plugins further extend the browser with specialized external components such as the Adobe Flash Player.

User avatar
needsmoremusic
Hobby Astronomer
Hobby Astronomer
Posts: 15
Joined: 2020-03-27, 22:27

Re: Lastpass log-in broken in latest Pale Moon

Unread post by needsmoremusic » 2020-07-25, 22:03

Moonchild wrote:
2020-07-24, 08:37
needsmoremusic wrote:
2020-07-22, 20:22
Thanks Moonchild for the above tip. However, I didn't do the above since I'm just turning to Iridium browser where I can copy passwords from Lastpass
Thanks for making me feel like I'm just wasting my time.

*goes back to doing vacation things*
Moonchild, I didn't intend to annoy you. I just thought that what you wrote would cause someone who made the change you offered to have to toggle back and forth to get other websites working again: I didn't actually test your method/suggestion so I really don't know if it would be maybe a slight pain to use. Therefore, I decided today to try KeePassXC mentioned here by Baloo. It looks like good, sound software.

You wrote earlier in this thread:

Disable the AbortController that was added to 28.11 and it will log in.
Toggle dom.abortController.enabled to false.

I guess there must be some issue with its implementation still; I guess what I added isn't exactly the same implementation like Chrome.

Please note that other websites will fail without it enabled, so there's no solution for this yet, only a workaround by disabling it when you need to go to lastpass

coffeebreak
Moon Magic practitioner
Moon Magic practitioner
Posts: 2986
Joined: 2015-09-26, 04:51
Location: U.S.

Re: Lastpass log-in broken in latest Pale Moon

Unread post by coffeebreak » 2020-07-25, 23:53

needsmoremusic wrote:
2020-07-25, 22:03
I just thought that what you wrote would cause someone who made the change you offered to have to toggle back and forth to get other websites working again: I didn't actually test your method/suggestion so I really don't know if it would be maybe a slight pain to use.
Be advised that it should be fixed in near future.

The same issue came up with another site.
Quoting from that thread:
Moonchild wrote:
2020-07-24, 13:52
FTR, I'll look at this with priority when I'm back. I think I know what the issue is.

User avatar
Raava
Fanatic
Fanatic
Posts: 198
Joined: 2014-06-22, 22:23
Location: Europe

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Raava » 2020-10-31, 12:08

So far, lastpass works okay in my most recent x86-64 Linux PM, and one says "never change a running system", but then there is security to consider.

Trying to update LP via th Add-On Menu in PM fails, and looking for a more recent version of it on the Add-on page here also failed - I searched for "lastpass" like so:
https://addons.palemoon.org/search/?terms=lastpass
and all I got was "No search results".
Since the PM for Linux area links to the https://addons.palemoon.org/ area I can only presume I searche3d for a Linux LP Add-On the right way.

When I go into the Add-on area PM tells me that this Add-on is not made for PM and that it might stop working in the future, which would be a game-breaker for me since I manage all my online passwords but actual online banking with LP, so it is kinda essential.

The version I am running is LP 3.3.4, and it was the version I learned here on the forum is the one I should stick with since it is the newest one to work with PM.

But that is years ago now, so I just want to ask: Is the info from back then still recent?
Is my running LP version the newest I can get running on the most recent PM?
yours truly, Rava

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 4942
Joined: 2015-12-09, 15:45
Contact:

Re: Lastpass log-in broken in latest Pale Moon

Unread post by moonbat » 2020-11-01, 00:27

Being an old version it's likely broken by now. Don't go looking for it on the Mozilla addons page either since WebExtensions don't work at all in Pale Moon.

If it is released under a permissible license (MPL/GPL for example), you can try fixing it by looking for any errors from it in the browser console. Though in general extensions made for 3rd party services are best left to their original authors to fix (you may not be legally allowed to access their API through an unofficial fork, for example) and in this case it's unlikely they will bother.

I use Bitwarden for my passwords, it is open source, locally encrypted database and syncs with mobile as well. There is a dedicated desktop app for it but of course no extensions for Pale Moon.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

User avatar
Cassette
Lunatic
Lunatic
Posts: 395
Joined: 2015-05-08, 14:30
Location: Wichita, KS

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Cassette » 2020-11-01, 01:09

I believe that 4.1.67 is the last compatible version of LastPass. They've shown no interest in updating the XUL version. It's up to you if you want to use it, but at some point compatibility will break with Pale Moon. At that point you will want to export your passwords and use something else.

User avatar
Raava
Fanatic
Fanatic
Posts: 198
Joined: 2014-06-22, 22:23
Location: Europe

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Raava » 2020-11-01, 13:09

Cassette wrote:
2020-11-01, 01:09
I believe that 4.1.67 is the last compatible version of LastPass. They've shown no interest in updating the XUL version. It's up to you if you want to use it, but at some point compatibility will break with Pale Moon. At that point you will want to export your passwords and use something else.
Thanks for the heads up.
When lastpass.com itself is not interested in maintaining the XUL version, then they should at least allow others to fix issues like above mentioned.

But from my experience with the way LP handles things, I saw a many paying customers complaining what is broken and should be fixed and it went on for months and months with no fix.

I see it that I never plan to be a paying customer to them, so I have no real right to complain, gift horse and its teeth and all such.
yours truly, Rava

Goers

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Goers » 2020-11-02, 22:58

Hi all. After searching I have successfully installed and use Lastpass.
To do that, in Palemoon browser I went to the Waterfox Addons and installed Classic Firefox Addons.
From there I selected and installed Lastpass (older versions which work show as "Install" green icon)
And voila, all good to go.
Enjoy Lastpass :)

User avatar
back2themoon
Moon Magic practitioner
Moon Magic practitioner
Posts: 2358
Joined: 2012-08-19, 20:32

Re: Lastpass log-in broken in latest Pale Moon

Unread post by back2themoon » 2020-11-03, 09:26

We've said this a million times. DO NOT use the old and insecure LastPass extension. Why would you trust your passwords to abandoned software which has been targeted again and again by hackers?

Convenience is nice, I get it. If you really need auto-fill then either use:

1. Pale Moon's own password manager with a master password. The Master Password+ extension is a good companion to it, adding some extra features. It is not required.

2. Auto-Type. It is not an extension. It is part of KeePass (which I recommend) and KeePassXC. Read the Global Auto-Type Hot Key section carefully.

User avatar
back2themoon
Moon Magic practitioner
Moon Magic practitioner
Posts: 2358
Joined: 2012-08-19, 20:32

Re: Lastpass log-in broken in latest Pale Moon

Unread post by back2themoon » 2020-11-03, 14:43

Oh, and just a thought. Perhaps the aforementioned LastPass extension should be considered for the blocklist? It has been declared vulnerable after all, if I remember correctly.

User avatar
moonbat
Knows the dark side
Knows the dark side
Posts: 4942
Joined: 2015-12-09, 15:45
Contact:

Re: Lastpass log-in broken in latest Pale Moon

Unread post by moonbat » 2020-11-04, 10:10

back2themoon wrote:
2020-11-03, 14:43
Perhaps the aforementioned LastPass extension should be considered for the blocklist?
AFAIK that is for malicious extensions or those that violate TOS of certain sites. There was an ad extension that sends fake clicks to ad sites, for example.

People using Lastpass despite warnings are entirely responsible for any problems they face, there is no need to mollycoddle them the way Mozilla does.
"One hosts to look them up, one DNS to find them and in the darkness BIND them."

Image
Linux Mint 21 Xfce x64 on HP i5-5200 laptop, 12 GB RAM.
AutoPageColor|PermissionsPlus|PMPlayer|Pure URL|RecordRewind|TextFX

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35402
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lastpass log-in broken in latest Pale Moon

Unread post by Moonchild » 2020-11-04, 12:29

Blocklist use is for a number of reasons beyond what's already mentioned, but in general if it's not malware, and doesn't cause problems for the user, the browser's stability or security, or the health of the internet, then it shouldn't be listed.
People taking a risk by entrusting their data to a known-vulnerable storage system is not among those reasons though. it's your risk to take if you insist.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Locked