On Wed, Apr 2, 2014 at 10:56 PM, Ian Hickson <i...@hixie.ch> wrote:

> > Also, consider the case of login forms without username fields. You see
> > this sort of thing a lot these days, when sites remember who was last
> > logged in:
> >
> > <form>
> > <label>Password for hober: <input type=password name=pw></label>
> > <p>Not hober? <a href=...>Click here to sign in</a>.
> > </form>
> >
> > It's difficult for tools to manage the user's auth info for such pages.
> > How can tools discover what the username is? The obvious solution, in a
> > world with autocomplete=username, would be to add <input type=hidden
> > autocomplete=username name=username value=hober> to the form.
> So far, autocomplete="" hasn't applied to <input type=hidden>. This would
> be a bit weird, giving it a different meaning than usual (providing
> information to the UA, rather than getting information from the UA). I'm a
> bit skeptical of this kind of overloading.
> Not sure what the right solution is, though.

As Garrett noted, this is already a solution Google is using, though not
with explicit syntax, just taking advantage of existing heuristics. Paving
this (potential) cowpath isn't really that weird.

That said, an alternative might be to add a mechanism of associating
autocompletion metadata with the field in order to give the UA enough
context to fill it in. For example, if a password is being requested for a
known username, that username could be added as an new
"autocomplete-username" attribute (similar to the 'data-*' construct HTML
already supports):

    <input type="password" autocomplete-username="hober">


Mike West <mk...@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91

Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

Reply via email to