I've always considered this a bit of a security flaw. Using the javascript
console you can show the password in plain text.
Eg:
alert(document.getElementById('password').value);
On 3 Aug 2015 21:13, "Thiago H de Paula Figueiredo" <thiag...@gmail.com>
wrote:
> On Mon, 03 Aug 2015 15:04:27 -0300, Christine <myli...@christine.nl>
> wrote:
>
> I have a form with a password field. It gets pre-filled with a previously
>> used password string. How can I prevent the browser and/or Tapestry from
>> putting a value in the password field?
>>
>
> This is actually done by the browser, not Tapestry, which never prefills
> password fields. I believe you should add autocomplete="false" to your form
> or password field. More information here:
> https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion
> .
>
> --
> Thiago H. de Paula Figueiredo
> Tapestry, Java and Hibernate consultant and developer
> http://machina.com.br
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
