W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2011

[whatwg] <input type="password">... restrict reading value from JS?

From: Dennis Joachimsthaler <dennis@efjot.de>
Date: Sun, 10 Jul 2011 22:11:00 +0200
Message-ID: <op.vye6cmfc48yz2f@dennis-laptop.speedport-w-303v-typ-a>
Hello,

Opera, for example, requires you to hit the "wand" or "login" button before
it even does any autocompletion.

I wish all browsers would implement it like this instead of just... Filling
it out before the user can interact. Makes reading easy.



Am 10.07.2011, 21:17 Uhr, schrieb Michal Zalewski <lcamtuf at coredump.cx>:

>> How about deleting the value if the input type is changed away from the
>> secure password input type AND that the secure password can only be
>> submitted to a similar URI.
>
> Instead of a complicated technical solution, some browsers require a
> distinctive user gesture before autocompleting login forms. But then,
> other vendors believe that this is unacceptable from usability
> perspective.
>
> /mz


-- 
Erstellt mit Operas revolution?rem E-Mail-Modul: http://www.opera.com/mail/
Received on Sunday, 10 July 2011 13:11:00 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:34 UTC