[
https://issues.apache.org/jira/browse/WICKET-6660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16829581#comment-16829581
]
Sven Meier commented on WICKET-6660:
------------------------------------
I'd expect most people to want their password trimmed - Google does it, Jira
doesn't though:
https://ux.stackexchange.com/questions/75686/why-do-some-websites-including-google-trim-whitespaces-in-passwords
Why do you want to support leading/trailing whitespace in your passwords? Even
if we agreed that this was better (UX?, security?), we couldn't just change it
in Wicket for all applications.
> PasswordTextField should not be trimmed
> ---------------------------------------
>
> Key: WICKET-6660
> URL: https://issues.apache.org/jira/browse/WICKET-6660
> Project: Wicket
> Issue Type: Bug
> Affects Versions: 8.4.0
> Reporter: Dennis Lotz
> Priority: Major
>
> Because {{PasswordTextField}} is a {{FormComponent}} and
> {{shouldTrimInput()}} is not overridden, passwords do get trimmed. Workaround
> is to override the method manually for every {{PasswordTextField. }}
> {code:java}
> new PasswordTextField("password"){
> @Override
> protected boolean shouldTrimInput() {
> return false;
> }
> }
> {code}
> If you use {{org.apache.wicket.authroles.authentication.panel.SignInPanel}}
> this gets very verbose :(
> {code:java}
> add(new SignInPanel("signInPanel") {
> @Override
> protected void onInitialize() {
> super.onInitialize();
> super.getForm().replace(new PasswordTextField("password"){
> @Override
> protected boolean shouldTrimInput() {
> return false;
> }
> });
> }
> });
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
