form security stuff
Dirk Mueller
mueller at kde.org
Sat Apr 19 19:10:59 CEST 2003
On Fre, 18 Apr 2003, George Staikos wrote:
> Isn't this effectively the same situation that caused a huge long thread on
> kde-core-devel over a year ago? This is the behaviour I want anyways, so I'm
> happy.
Well, I am not :-)
It seems I misunderstood the purpose of the patch. Testing further with IE
is that this is about *completion*, not about session history.
As we already implement fully the autocomplete IE extension I don't see any
further reason for merging this code. After all for me the whole purpose of
completion is to not type in my personal address etc each and every time. If
we disable completion in https forms, we can as well remove completion
alltogether.
I've retested Mozilla and it behaves similiar. So in my opinion removing
autocompletion goes to far, and if somebody manages to read the
~/.kde/share/apps/khtml/formcompletions file the LEAST of your worries is
your email or postal address that might get stolen.
> We'll have to enhance for KWallet again too.
Like.. make it work? :-) SCNR, but I'd love to see this, for storing
passwords and being able to autocomplete them in webforms (annoying bugzilla
asking for the password each and every time).
--
Dirk
More information about the Khtml-devel
mailing list