nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

LastPass extension breaking one of our custom web elements - input field;

Vasil Atanasov

I'm not fully aware if that's an issue from the latest update (it could be) as we started getting reports of it from the time of the latest extension version (4.130.0)

Seems like the lastpass extension copies over DOM attributes from our custom input web element directly to the `<input` element, causing the `maxlength` attribute to be applied to it even without it being set, causing our users to not be able to enter anything in that field;

It looks like in this bit of your code - web-client-content-script.js - more specifically

```for (var t = e.getRootNode().host.attributes, n = 0; n < t.length; n++) {

var r = t[n];

e.hasAttribute(r.name) || r.name.startsWith("on") || e.setAttribute(r.name, r.value)

}

return e```

Find more posts tagged with

Accepted answers

All comments

LastPass Support

Hello,

Appreciate the post.

We are sorry to hear LastPass is not working as expected on this website. If there is a website should not perform actions, please, check the option of adding rules: Manage Never URLs in Account Settings.

If this is an issue that is affecting other sites, other users in the company or different actions, please, ask your administrator to submit a ticket to our support team and provide the details to review.

Thank you,

Karol | Customer Care

adf

The problem is affecting our application in two web components, date fields and colour fields.

With lastpass enabled, even with a never URL added to not do anything for the site, the field, that is ordinarily untyped (ie text) gains a type date / color which breaks the UI.

It seems the only way to stop the behaviour is to disable the lastpass extension.

Charles Simard-Lecours

Hello @Karol Hidalgo: I have opened a support case about this. Case number 02585551. Please either rollback the latest update or release a new version without the offending code.

jason.saunders

This problem also affects our application in exactly the same way and makes it unusable.

The code shown in the OP comment is completely wrong. What makes you think that your extension can just arbitrarily modify the attributes inside the private DOM of a web component?

The problem needs to be fixed in the lastpass extension and urgently.

adf

The code from the op copies the attributes from the host to the input element if the input element doesn't already have that attribute and the attribute isn't an event handler.

I agree with @User17143770899613551244 that code is fundamentally wrong and should be removed ASAP.

Armand Lluka

I just want to bump this thread as well, we are running into exactly the same issue with LastPass + Web Components.

The native attributes should not have values assigned like this. I want to echo the other comments and say this should be either rolled back or fixed in a new release.

@Karol Hidalgo

Christian Deschamps

Bumping this thread again, it's causing a lot of side effects and needs to be fix. @Karol Hidalgocan you give us more information when we can expect a fix?

Thanks

Danielle Dupuis

We are having this issue too affecting web elements. It's not an option for us to add to Never URLs @Karol Hidalgois there a fix scheduled?

Rose Grondin

Hi, I jsut noticed this thread. Any news on this ?

jebus27

The behavior is causing Chrome to hammer itself internally with Violation Notifications on setInterval in web-client-content-script.

And good luck doing anything in DevTools when your console is being spammed incessantly with the notification.

Maria de los Angeles Diaz

Hello. We are doing a big migration to web components. And this error is being a blocker for us. Do we have an estimated time for this bug to be fixed

adf

Is there some JavaScript code we can use to detect Lastpass extension so we can display an alert asking the user to disable Lastpass?

Christian Deschamps

@Karol Hidalgo can we get some updates on this issue? When can we expect a fix? It's been a while and still no news from LastPass and you.

Thanks a lot

graham.bingham

Anyone know if this has been fixed? I'm getting a very similar issue where the "page" class is getting added to input elements, and breaking things. This is happening in web-client-content-script.js in or around some code like this:

Vr = function(e) {

for (var t = e.getRootNode().host.attributes, n = 0; n < t.length; n++) {

var r = t[n];

e.hasAttribute(r.name) || r.name.startsWith("on") || e.setAttribute(r.name, r.value)

}

return e

Musser, TJ

Bumping this thread as well, we are running into exactly the same issue with LastPass + Web Components.

The native attributes should not have values assigned like this. I want to echo the other comments and say this should be either rolled back or fixed in a new release.

Danielle Dupuis

Does LastPass have a fix date on this?

renato

They are all likely caused by the same bug. Cc @Ash Cannon

renato

A workaround we found was changing the labels of the field. Previously, it was "day" or "month" or "year". By removing the labels, LastPass does not know it's a date field and therefore can't break our application.

As a result, a temporary mitigation might be to remove your form labels. Placeholders like "DD" "MM" and "YYYY" are not an issue, but of course the LastPass team might come for them next.

renato

We are also affected by this. @Karol Hidalgodo you have any updates on this? I'm fairly sure this error is the same as this other thread I'm linking below. It's affecting multiple websites and with no workaround other than telling our users to stop using LastPass.