On Mon, 9 Jun 2025 02:36:44 GMT, Jeremy Wood <d...@openjdk.org> wrote:
> There were a few action bindings available in JPasswordFields in Aqua that > let you identify the boundaries of words. > > This came to my attention while looking at the related work > https://github.com/openjdk/jdk/pull/25443 . In that PR we said we should > iterate across all available L&Fs, so this PR copies that same approach. (The > original complaint only focused on Aqua, though.) IMO this PR is a simple response that interfaces with an existing method. I recommend this approach because it should be relatively low-risk, and it is based on existing precedent. By contrast: #25443 does something more aggressive (and interesting). It replaces selectWordAction with selectLineAction. That looks (to me) like a more thorough/better approach to the general problem of accidentally interacting with words in a password field. This PR should resolve any *KeyStroke-based* actions, but in JDK-8354646 the original complaint had to do with double-clicking the mouse; so this PR wouldn't impact those steps. I haven't explored this thoroughly yet, but glancing through the AccessibleJTextField suggests an AX interface could still have access (via AccessibleActions) to the word-related actions we're trying to restrict access to. If so: this problem (accessing words in a password field) keeps popping up, and removing/replacing the unwanted actions seems like the most thorough response. (Also see JDK-6191897 and JDK-4231444 ). ------------- PR Comment: https://git.openjdk.org/jdk/pull/25688#issuecomment-2954485278
