- From: Roger Hågensen <rescator@emsai.net>
- Date: Fri, 14 Nov 2014 04:17:47 +0100
- To: whatwg@lists.whatwg.org
On 2014-11-14 02:49, Glenn Maynard wrote: > Unfortunately, even if a couple pages have a legitimate use for a > feature, when countless thousands of pages abuse it, the feature needs > to go. The damage to people's day-to-day experience outweighs any > benefits by orders of magnitude. >> Also, banks generally prefer to have autocomplete="off" for credit card >> numbers, names, addresses etc. for security reasons. And that is now to be >> ignored? > Yes, absolutely. My bank's preference is irrelevant. It's my browser, not > my bank's. This is *exactly* the sort of misuse of this feature which > makes it need to be removed. > By default ignoring autocomplete="off" (unless the user crawls into the browser settings, possibly under advanced settings somewhere?) then those who miss-use it today will continue to do so. Take the following example (tested only in Firefox and Chrome). http://jsfiddle.net/gejm3jn1/ Is that what you want them to start doing? If a bank or "security" site wishes to have input fields without autocomplete they can just use textarea. Are you going to enforce autocomplete="on" for textarea now? Why not improve the way autocomplete works so there is a incentive to use it the right way? (sorry I don't have any clever suggestions on that front). My only suggestion now is: Default to autocomplete="off" working just as today. Provide a setting under Privacy settings in the browser (global). There are also per site privacy settings possible so (site specific). Then add a contexts menu to all input field where autocomplete can be enabled/disabled. (Spellcheck already does this for example in most browsers). -- Roger "Rescator" Hågensen. Freelancer - http://www.EmSai.net/
Received on Friday, 14 November 2014 03:18:15 UTC