[TYPO3-core] RFC #12236: Password-field in "User Settings" is prefilled, which does not make sense
Marc Wöhlken
woehlken at quadracom.de
Thu Oct 15 12:54:17 CEST 2009
Martin Kutschker schrieb:
> Mathias Schreiber [wmdb >] schrieb:
>> Steffen Gebert schrieb:
>>> So the current behaviour, if auto-filling is enabled, is not really
>>> user-friendly
>>>
>>> Solution:
>>> Add attribute autocomplete="off" to the <input type="password"> [1,2]
>> Though I generally agree, I'm not sure if autocomplete="off" is XHTML
>> compliant.
>> I just wanted to mention this because Patrick might remove it sooner or
>> later due to his "crusade"
>
> Usability (and security) must have more weight then adhering to any standard. If someone argues that
> all BE pages must validate then my answer is that we simply have to change the DTD. Any DTD can be
> extended! Let's use a custom one that adds autocomplete.
A way to stay standard compliant (in terms of page validation) would be
to set autocomplete="off" via javascript after the page has benn loaded.
Marc
--
...........................................................
Marc Wöhlken TYPO3 certified intregator
Quadracom - Proffe & Wöhlken
Rembertistraße 32 WWW: http://www.quadracom.de
D-28203 Bremen E-Mail: woehlken at quadracom.de
______________ PGP-Key: http://pgp.quadracom.de
More information about the TYPO3-team-core
mailing list