W3C home > Mailing lists > Public > public-html@w3.org > July 2009

Re: <input type="number"> restricting user input to only valid characters

From: Ian Hickson <ian@hixie.ch>
Date: Tue, 14 Jul 2009 05:29:43 +0000 (UTC)
To: "Michael A. Puls II" <shadow2531@gmail.com>
Cc: public-html@w3.org
Message-ID: <Pine.LNX.4.62.0907140527390.23663@hixie.dreamhostps.com>
On Fri, 19 Jun 2009, Michael A. Puls II wrote:
> With <input type="number">, if a user enters "abc" for example, the 
> specs says to handle that as if the value is an empty string.

No, the spec doesn't say how to handle it. That's a user interface issue, 
out of scope of the spec.

It does say, however, that:

# User agents must not allow the user to set the value to a string that is 
# not a valid floating point number.

...so if the user does enter "abc", it won't affect the element's value.

> However, should the UA even allow the user to enter those characters in 
> the field? It seems like if the keypress is not one of "-+.e0123456789" 
> (or "," instead of "." depending on the locale), then the keypress 
> should be prevented. Or, if a value that's pasted into the field that's 
> invalid should be prevented.

That's up to the UA.

> Or, is validation only meant for when it's time to submit?

Validation is independent of user entry. It's not possible for "abc" to 
become the value through user interaction.

> Or, is this one of things where "The UA can do whatever it wants"? If 
> so, is there any common practice that should be followed with user input 
> in this case?

I don't know of any common practices yet.

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 14 July 2009 05:30:18 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 9 October 2021 18:44:51 UTC