Yeah I thought of the security issue, it seems though quite a few PHP
sites works like that (not to mention, build-in browser functionality
which does the same kind of unsafe client side caching).
In the idiom outlined in your source code, how can the server then
re-authorize without username
On Wed, Dec 3, 2008 at 6:55 AM, Casper Bang [EMAIL PROTECTED] wrote:
Yeah I thought of the security issue, it seems though quite a few PHP sites
works like that (not to mention, build-in browser functionality which does
the same kind of unsafe client side caching).
The browser's saved
James Carman wrote:
The browser's saved passwords support doesn't transmit your password over
HTTP along with the rest of the markup, though. It just remembers it and
auto-populates it for you once it receives the HTML from the site. So, it's
as unsafe as your computer is (hopefully you use a
2008/12/3 James Carman [EMAIL PROTECTED]:
The browser's saved passwords support doesn't transmit your password over
HTTP along with the rest of the markup, though. It just remembers it and
auto-populates it for you once it receives the HTML from the site. So, it's
as unsafe as your computer
user.
Jeremy Thomerson
http://www.wickettraining.com
-- sent from a wireless device
-Original Message-
From: Casper Bang [EMAIL PROTECTED]
Sent: Wednesday, December 03, 2008 5:55 AM
To: users@wicket.apache.org
Subject: Re: Why can't I initialize PasswordTextField?
Yeah I thought
Bang [EMAIL PROTECTED]
Sent: Wednesday, December 03, 2008 5:55 AM
To: users@wicket.apache.org
Subject: Re: Why can't I initialize PasswordTextField?
Yeah I thought of the security issue, it seems though quite a few PHP
sites works like that (not to mention, build-in browser functionality
which
I'm trying to implement credentials memory functionality for a login
form using cookies. I know there's an official example
(http://wicketstuff.org/wicket13/signin2/?x=7*:org.apache.wicket.examples.signin2.SignIn2)
however it simply delegates to some panel which is not available as
source on
May I answer your question with a question?
Why would you want your password field to have the value pre-filled on the
page? Then the password is in plain text available to the user (and
assuming you're not on https, anyone in between). I've never seen an
instance where this was a good idea.
On Wed, 03 Dec 2008, Casper Bang wrote:
on the page. So anyway, it should be simple, and all works great except
that I can not get the password field to get filled out upon page load.
HTML just works that way,
Note that the current value is the text entered by the user, not the
text