WTF, Google



  • So starting some time last year, Google made "minor updates to your Google sign-in experience" that broke Lastpass and pissed off a heap of users for no good reason. Fair enough; we've all had plenty of time to learn to expect this kind of pants-on-head idiocy from our 1e100 overlords.

    I wasn't affected at the time, because I'd seen the writing on the wall a couple of years ago and jumped ship to Fastmail. But the school's email service has just been cut over to a Google Apps For Education instance managed upstream from us (nobody at the school gets an admin login) and now I need to deal with their stupid fucking signon system multiple times per day.

    So I added Auto-Type:{username}{enter}{delay 2000}{password}{enter} to the KeePass entry for my school GAFE account, and tested it, and it works. It's stupid and slow, but it works - unless I'd previously been lazy and let that particular browser remember my Google credentials. Then it doesn't work, because the browser pre-fills the password box and KeePass types shit into it and it all gets wocked up, but meh. It's Google. It's supposed to be annoying.

    Tried my GAFE account from home for the first time tonight. WTF? At home, I'm still seeing the same old Google login page, the one with both username and password boxes that used to Just Work with KeePass and Lastpass and Everyotherpass because you can tab from one to the other. Ooookay... but now I can't use that page any more, because my KeePass is set up for the other one. Checked browser version: newer than what I'm running at school. Cleared cache: same behavior. Cleared cookies: same behavior.

    Long story short: turns out that if the string Iceweasel/ appears anywhere in your UA, Google serves up the old-style login page. I'm tipping there's a Debian user somewhere inside Google who also thinks the two-page login thing is completely fucking stupid.



  • For being such big HTML5 enthusiasts, Google uses heavy user agent sniffing in all its websites.

    Install an UA switcher extension with a bunch of preset browsers, go to google.com and start switching. You'll see a dozen different versions of a fucking textbox with a button.



  • Only thing I am accustomed to using my UA switcher for is pretending to be a googlebot in order to waltz past paywalls.



  • I don't think it's Iceweasel, or at least not only Iceweasel. I don't use it and I've seen both versions of the login page within the past couple weeks.



  • Try inserting Iceweasel/ somewhere into the UA string for a browser that's currently getting the split version. Betcha you get the single page.



  • I tried it just now without changing any useragents:

    • Chrome on Windows and Mac gave me the split page version, as did Palemoon (Win) and Safari (Mac)
    • Opera on Windows got single page, two input version

    The UA for Opera is Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36 OPR/34.0.2036.47



  • I've just been fooling about with Chromium on Linux. Looks like Iceweasel/ will turn the single page version on, but not if AppleWebKit/ is also present. Now trying OPR/ to see if that's the one string to rule them all and in the darkness bind them.

    Edit: Yes. OPR/ beats AppleWebKit/.

    Next challenge: find a UA string where appending OPR/ does not get you the single-page, two-input Google login.

    Edit Edit: AppleWebKit/ alone isn't enough to beat Iceweasel/ - needs at least AppleWebKit/[:digit:]{3}.*Safari/[:digit:]{3} AFAICT.


  • I survived the hour long Uno hand

    New programming challenge: UA Horseshoes? Like Code Golf but you're trying to find two strings that get different page versions, score is the length added together, lowest wins?



  • You made me curious.

    Google finally fixed the bug where if you typed: "google.com////////////////////////////////////////////////" it would serve you up a old-and-mostly-not-working homepage from like 2002.

    Nothing to do with your post, except it was a long-standing and amusing bug they had on their site for ages.



  • I sign into my Google account on a regular basis. Sometimes I get the two-page sign-on, other times it's one-page sign-on. Plus I also have 2-factor auth enabled. It doesn't really bother me too much either way.



  • I don't think I've ever seen the two-page sign-on. Not sure what you guys are talking about, honestly.

    Maybe they're running an A/B test and what you think is controlled by the user agent is just a cookie in their testing server.



  • What's your usual browser's UA string?



  • It is "I don't know and I don't care to participate in this dumbness".



  • Default UA: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.2.1

    Modified UA: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0



  • Ok?

    I still don't care.



  • @blakeyrat said:

    I don't know and I don't care to participate in this dumbness

    Modified UA: I don't know and I don't care to participate in this dumbness

    So that'll be why you're seeing the two-box version then.


  • I survived the hour long Uno hand

    Hang on, why can't LastPass handle that one? Mine handles two-page auth just fine. If there's only a Password box, it only fills Password, and ditto for Username.


  • FoxDev

    LastPass has always managed Google sign in just fine, no matter how they design their forms



  • I don't use Lastpass, so I don't know. Do you have to do that in two steps, or can you just kick something off on the initial page that steps through both without further ado?



  • What's this guy on about then? Earlier version, perhaps?


  • FoxDev

    Mostly moaning for the sake of moaning


  • Notification Spam Recipient

    @anonymous234 said:

    For being such big HTML5 enthusiasts, Google uses heavy user agent sniffing in all its websites.

    Install an UA switcher extension with a bunch of preset browsers, go to google.com and start switching. You'll see a dozen different versions of a fucking textbox with a button.

    I've being doing this for about five minutes. Fucking hell. No wonder Web Developers are madder than a box of snakes.



  • @blakeyrat said:

    Ok?

    I still don't care.

    Yet you care enough to post in this topic. Repeatedly. In direct response to the post that you don't care about.

    ...

    Oh yeah, I forgot for a minute who I was talking to.


  • I survived the hour long Uno hand

    I don't have to script anything at all. I just put my credentials in (typically I let it generate a password for me), and it guesses which field wants which value by the naming in the HTML. When it's wrong, it still knows which credentials go with this site, so i can ask it to copy my password to the clipboard and paste it in the right field, but it's rarely wrong.



  • @Dragnslcr said:

    Oh yeah, I forgot for a minute who I was talking to.

    Is it Boomzilla?



  • Is it Ghostbusters 2?


  • Notification Spam Recipient

    @flabdablet said:

    productforums.google.com

    Huh. Seems they changed things a bit.
    Oh shaft orifice, they have infiniscroll too? Except, there's no newlivator, so how am I supposed to know how far along I am (other than hovering over the pretty non-discoverable icon on the LEFT of all the posts, reading the current post hovering over the "Jump to end" icon and reading the in-page tooltip (or hovering over the current post number, even more discoverable!)).

    Also, circle avatars.
    Also, posts require expanding by default apparently (how uncivilized!).
    Also, clicking the "Go to the end" doesn't just jump to the end, no, it loads up every post made from the current view all the way down. At least "Go to the top" works as expected.

    :wtf:


    Filed under: I had to stop myself there, things were starting to look a bit too discourse-y for me



  • @Yamikuronue said:

    UA Horseshoes? Like Code Golf but you're trying to find two strings that get different page versions, score is the length added together, lowest wins?

    Here's mine: empty UA string gets the two-box version, (; MSIE 10) gets one box. Score: 11.



  • I think sifiso hector had the right idea when he said:

    it does not make think easly it better to only on


  • Winner of the 2016 Presidential Election

    @RaceProUK said:

    Mostly moaning for the sake of moaning

    :giggity:



  • @Yamikuronue said:

    I don't have to script anything at all. I just put my credentials in (typically I let it generate a password for me), and it guesses which field wants which value by the naming in the HTML. When it's wrong, it still knows which credentials go with this site, so i can ask it to copy my password to the clipboard and paste it in the right field, but it's rarely wrong.

    With KeePass, my usual workflow for logging onto a site goes

    1. Bring the KeePass window to the front, and double-click the URL entry for the site I want.

    2. Once that URL has opened in the browser, click whatever I have to in order to expose a Username box (most sites have a login page with its own URL and can skip this step); click or double-click in the Username box if necessary to prepare it for text entry.

    3. Alt-Tab to get the KeePass window to the front again, then Ctrl-V. This makes KeePass minimize itself, then type the previously selected site's auto-type sequence into what is now the front window; by default, this is {username}{tab}{password}{enter}.

    If things go wrong I can copy/paste or drag/drop username and password from KeePass to the browser, but this is almost never required.

    How does a Lastpass login work?


  • I survived the hour long Uno hand

    1. Navigate to the site I want to log into. LastPass has a system where you can search for a site and open it from there, but I don't use it much.
    2. In the Username box, there's a little LastPass logo. I click that to bring up a list of credentials that match this site.
    3. I click the credentials I want, and it fills in the boxes it can find on the page.

    If the logo doesn't show up or is hard to click, there's one in the extensions bar that does the same thing. From either, I cal also click a little wrench, which gives me options like "Copy username", "Copy password", or "Edit"



  • Terse, yet poetic. I like it.



  • If you're working with the username-only version of the Google login page, what happens at step 3?


  • I survived the hour long Uno hand

    I pulled it up in incognito:

    Clicked the logo, picked some credentials, it filled my email address.
    clicked next and got:

    Apparently that fancy animation means the password box was on the DOM when I filled it, so it got populated despite not being visible. That was a nice surprise, I expected to have to click again. If that hadn't worked, I could have clicked the icon again, clicked fill, and it'd dump just the password in the box.



  • Thanks for that.

    Now that I've worked out how to make all my browsers show me the same Google login page, I think I'll stick with KeePass.

    (drafts offline)
    DISCOUUUUUUURRRRRSSSSSSE


  • ♿ (Parody)

    @blakeyrat said:

    It is "I don't know and I don't care to participate in this dumbness".

    You should totally go start a thread where you talk about not caring about your UA and google login techniques.



  • @flabdablet said:

    Alt-Tab to get the KeePass window to the front again, then Ctrl-V. This makes KeePass minimize itself, then type the previously selected site's auto-type sequence into what is now the front window; by default, this is {username}{tab}{password}{enter}.

    Why not just assign a hotkey in KeePass? Then your whole thing is

    • navigate to site's login page
    • press hotkey


  • Just one less thing to go wrong for no real benefit. I use a lot of different browsers, most of which don't have all the sites I want bookmarked, so I'm effectively using KeePass as my bookmarks manager as well as my password safe.

    That means navigating to any given site's login page already involves a trip to KeePass and has the side-effect of pre-selecting that site within KeePass, meaning that there is no work for the global hotkey's title-scrape and search to do; and if I never invoke it, it can never get that search wrong.

    Once I'm at the login page, Alt-Tab Ctrl-V works reliably on any combination of KeePass/KeePassX, OS and browser and is not significantly slower than a global hotkey.

    In effect, my steps 1 and 2 above are just the way I perform your "navigate to site's login page" step, and Alt-Tab Ctrl-V amounts to "press hotkey".


  • BINNED

    @flabdablet said:

    using KeePass as my bookmarks manager

    :doing_it_wrong:



  • How so? It's no more work to bring KeePass to the front than it is to pull up a bookmarks menu.


  • BINNED

    Just use the omnibar/url field/whatsitcalled



  • @flabdablet said:

    I use a lot of different browsers, most of which don't have all the sites I want bookmarked

    Many of those browsers are installed on equipment I don't own. I need a portable bookmarks manager, and KeePass works just fine.



  • @coldandtired said:

    Why not just assign a hotkey in KeePass? Then your whole thing is- navigate to site's login page- press hotkey

    Why not just never log in to anything? Then your whole thing is

    • lie down on the couch
    • open a beer


  • FELLAS. Avoid having to do a single day's work in your life by simply wooing and marrying a queen.

    - P Mountbatten
    London

    http://viz.co.uk/category/top-tips/


Log in to reply