Tapestry 5
  1. Tapestry 5
  2. TAP5-87

PasswordField should not update its value parameter when the submitted value is blank

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 5.0.15
    • Fix Version/s: 5.0.16
    • Component/s: None
    • Labels:
      None

      Description

      Currently, the PasswordField component does not display it's value. Although this indeed represents best practices in handling passwords (e.g. if the password field did display its value although masked, it would still be visible in the source), the current behavior stumps new users and unnecessarily enforces a particular process (e.g. never display the password) or forces a user to split page containing the password field (e.g. what would have other in orderwise been a single page to create and update a value, now has to be two different pages) to avoid validation issues.

      The requested parameter (e.g. "displayValue") would contain a warning in bold that displaying the password value could be a security issue (and potentially log a warning). The default value of the parameter should be "false", that is it wouldn't display the password, unless explicitly enabled.

        Activity

        Hide
        Martijn Brinkers added a comment -

        It would be nice if a "reveal password" button could be added as well. By default the password will be show with stars '*' but when the button 'reveal password' is pressed the password will be show.

        Show
        Martijn Brinkers added a comment - It would be nice if a "reveal password" button could be added as well. By default the password will be show with stars '*' but when the button 'reveal password' is pressed the password will be show.
        Hide
        Ulrich Stärk added a comment -

        I believe a better approach would be to leave the behaviour as it is but change the way passwordfield handles blank input. Right now it updates the value to blank an thus causes validation issues or blanks a formerly set password. It should contain some logic to see whether a value is set and only update this value (and cause validation) when the user actually enters something.

        Show
        Ulrich Stärk added a comment - I believe a better approach would be to leave the behaviour as it is but change the way passwordfield handles blank input. Right now it updates the value to blank an thus causes validation issues or blanks a formerly set password. It should contain some logic to see whether a value is set and only update this value (and cause validation) when the user actually enters something.

          People

          • Assignee:
            Howard M. Lewis Ship
            Reporter:
            Alex Kotchnev
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development