Skip to content

Force credentials extraction upon manual request#2809

Open
a2kolbasov wants to merge 1 commit intokeepassxreboot:developfrom
a2kolbasov:fixes/retrieve-credentials-forced
Open

Force credentials extraction upon manual request#2809
a2kolbasov wants to merge 1 commit intokeepassxreboot:developfrom
a2kolbasov:fixes/retrieve-credentials-forced

Conversation

@a2kolbasov
Copy link
Copy Markdown
Contributor

@a2kolbasov a2kolbasov commented Dec 29, 2025
edited
Loading

(continuing of #2767 (comment))

This function is blocked by the autoRetrieveCredentials setting. If the user turned it off, then manually requested credentials, and then changed something in the database, he does not have the opportunity to request them again without updating the page.

An option like

if ((kpxc.settings.autoRetrieveCredentials || force) && kpxc.url && kpxc.submitUrl) {

is not suitable. It is necessary to separate the desire not to use the cache from the user's explicit request.

kpxc.retrieveCredentials(true)

also called here:

keepassxc-browser/keepassxc-browser/content/banner.js

Lines 370 to 384 in 8c3df94

kpxcBanner.verifyResult = async function(code) {
if (code === 'error') {
kpxcUI.createNotification('error', tr('rememberErrorCannotSaveCredentials'));
} else if (code === 'created') {
kpxcUI.createNotification(
'success',
tr('rememberCredentialsSaved', kpxcBanner.credentials.username || tr('rememberEmptyUsername')),
);
await kpxc.retrieveCredentials(true); // Forced reload
} else if (code === 'updated') {
kpxcUI.createNotification(
'success',
tr('rememberCredentialsUpdated', kpxcBanner.credentials.username || tr('rememberEmptyUsername')),
);
await kpxc.retrieveCredentials(true); // Forced reload

If a user saves new credentials, this does not mean that he wants to automatically retrieve them from the database again afterwards (and see a request from the KeePassXC-desktop).

Screenshots or videos

Testing strategy

Manually

Type of change

  • ✅ Bug fix (non-breaking change that fixes an issue)

@a2kolbasov a2kolbasov marked this pull request as ready for review December 29, 2025 21:09
@varjolintu varjolintu self-requested a review December 29, 2025 21:17
@varjolintu varjolintu added the bug label Dec 29, 2025
varjolintu
varjolintu requested changes Jan 4, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@varjolintu varjolintu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If a user saves new credentials, this does not mean that he wants to automatically retrieve them from the database again afterwards (and see a request from the KeePassXC-desktop).

Actually this is something we want to do. Any added or updated credentials should be retrieved from the database.

@a2kolbasov
Copy link
Copy Markdown
Contributor Author

a2kolbasov commented Jan 12, 2026

Actually this is something we want to do. Any added or updated credentials should be retrieved from the database.

Maybe in this case, we should change the business logic: when updating data, first clear the cache, and then request passwords from the database as if the user had refreshed the page? In this case, users with autoRetrieveCredentials = false will simply remain without cached passwords and (if they need them) will explicitly request them again. And those who only want to update their password will not see the "Confirm Access Dialog" from KeePassXC-desktop.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@varjolintu varjolintu varjolintu requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@a2kolbasov @varjolintu