[TYPO3-core] RFC #12236: Password-field in "User Settings" is prefilled, which does not make sense
Ernesto Baschny [cron IT]
ernst at cron-it.de
Thu Oct 15 13:58:03 CEST 2009
Felix Oertel schrieb:
> Hi
>
> Martin Kutschker schrieb:
>> Usability (and security) must have more weight then adhering to any
>> standard.
>
> I don't think so.
>
> Adhering to a standard is not just a fancy thing but neccassery. It is
> the foundation for supporting older browsers, other devices and give
> disabled people the possibility to use TYPO3.
>
> We should stick to the standards wehre ever it is possible. I would
> suggest to set the attribute by JS setAttribute("autocomplete", "off")
> as long as w3c does not support autocomplete.
I think this won't make the code more valid, just more complex. You are
just going around the "validators" which handle only static XHTML: the
DOM still will have this non-valid attributes, and this is not allowed
too. So your solution also goes against your arguments about standard
compliancy at "any cost".
I also see no reason not to use this attribute in our backend output, as
it can be considered a "de facto" standard for this functionality. And
while the W3C fights with itself to get this solved, we need something
working *now*.
Cheers,
Ernesto
More information about the TYPO3-team-core
mailing list