W3C home > Mailing lists > Public > w3c-wai-ua@w3.org > April to June 2002

Re: [Proposal] New Guideline 6 checkpoints (APIs, Infoset, DOM)

From: Jim Ley <jim@jibbering.com>
Date: Tue, 21 May 2002 14:56:06 -0000
Message-ID: <02f801c200d7$a2e23ea0$ca969dc3@emedia.co.uk>
To: <w3c-wai-ua@w3.org>
"Jon Gunderson" <jongund@uiuc.edu>
> I think that developers will not want to leave a hole open for
> access to secure information.  They can provide a secure API, but I
> think this will work unless we have a spec available to show them now.
> don't think it is part of the current DOM requirements, but if it is
then I
> with draw my suggestion.  I don't think we should require more
> be provided through the API than what the user would get through the
> standard user interface.   You can always do more.

The value of the password element is already exposed in DOM 0 (and
later), the asterixing is purely visual, it's often also misleading to
user/developers that it is in some way more secure than other form
elements, when it is not.  I think it would be more useful to expose the
value rather than the asterix's or blobs that are used now - it doesn't
introduce any new security holes, and the information is not secure.

For genuine secure information, that may be different, but do we have

Received on Tuesday, 21 May 2002 10:56:59 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:49:31 UTC