You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Udo Schnurpfeil (JIRA)" <de...@myfaces.apache.org> on 2018/06/14 11:07:00 UTC
[jira] [Created] (TOBAGO-1904) Password fields shoudn't render it's
value
Udo Schnurpfeil created TOBAGO-1904:
---------------------------------------
Summary: Password fields shoudn't render it's value
Key: TOBAGO-1904
URL: https://issues.apache.org/jira/browse/TOBAGO-1904
Project: MyFaces Tobago
Issue Type: Improvement
Components: Themes
Reporter: Udo Schnurpfeil
Assignee: Udo Schnurpfeil
Because of security reasons...
It's not a "high risk", but it will enhance the security. Some web security checker test this behaviour.
Disadvantage: If you have e.g. a registration form with password field, you have to retype the password (sometime in two fields), when there is some issue with the rest of the form (e.g. didn't fill a required field).
In such a case the page design might be better, typing the password in an extra step.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)