Re: ACTION-2079: Draft ¨host language should¨ language for password that they should restrict elements it can apply to, with input from minutes of 2 june 2016 meeting (Accessible Rich Internet Applications Working Group) from Michael Cooper on 2016-06-03 (public-aria@w3.org from June 2016)

From: Michael Cooper <cooper@w3.org>
Date: Fri, 3 Jun 2016 17:18:34 -0400
To: Accessible Rich Internet Applications Working Group <public-aria@w3.org>
Message-ID: <5fd29d08-596a-78ee-7bae-05312516b46c@w3.org>

Recommendation that host languages restrict where password can be used:

http://rawgit.com/w3c/aria/ACTION-2079/aria/aria.html#password

    Using the |password| role on elements that would not accept
    passwords could create a security risk in conforming user agents,
    prompting users to enter a password in an inappropriate place where
    it could be accidentally exposed. Therefore, host languages /SHOULD/
    restrict use of the |password| role to elements that accept text
    input from users, and only when within a form submission context.

Michael

On 02/06/2016 1:25 PM, Accessible Rich Internet Applications Working 
Group Issue Tracker wrote:
> ACTION-2079: Draft ¨host language should¨ language for password that they should restrict elements it can apply to, with input from minutes of 2 june 2016 meeting (Accessible Rich Internet Applications Working Group)
>
> http://www.w3.org/WAI/ARIA/track/actions/2079
>
> On: Michael Cooper
> Due: 2016-06-09
>
> If you do not want to be notified on new action items for this group, please update your settings at:
> http://www.w3.org/WAI/ARIA/track/users/34017#settings
>

Received on Friday, 3 June 2016 21:18:37 UTC