[
https://issues.apache.org/jira/browse/TOBAGO-1904?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16512336#comment-16512336
]
Hudson commented on TOBAGO-1904:
--------------------------------
SUCCESS: Integrated in Jenkins build Tobago Trunk #1459 (See
[https://builds.apache.org/job/Tobago%20Trunk/1459/])
TOBAGO-1904: Password fields shouldn't render it's value (lofwyr: rev
4337c121dc5f5edac42e297fd92edbe35b1e47a7)
* (edit)
tobago-core/src/main/java/org/apache/myfaces/tobago/internal/renderkit/renderer/InRenderer.java
* (edit) tobago-example/tobago-example-demo/src/main/webapp/login.xhtml
> Password fields shouldn't render it's value
> -------------------------------------------
>
> Key: TOBAGO-1904
> URL: https://issues.apache.org/jira/browse/TOBAGO-1904
> Project: MyFaces Tobago
> Issue Type: Improvement
> Components: Themes
> Reporter: Udo Schnurpfeil
> Assignee: Udo Schnurpfeil
> Priority: Major
> Fix For: 2.1.2, 3.0.7, 4.3.0
>
>
> Because of security reasons...
> It's not a "high risk", but it will enhance the security. Some web security
> checker test this behaviour.
> Disadvantage: If you have e.g. a registration form with password field, you
> have to retype the password (sometime in two fields), when there is some
> issue with the rest of the form (e.g. didn't fill a required field).
> In such a case the page design might be better, typing the password in an
> extra step.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
