[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Andreas Pour <pour () mieterra ! com>
Date:       2001-08-01 21:38:09
[Download RAW message or body]

Roberto Teixeira wrote:
> 
> Em Quarta 01 Agosto 2001 16:57, Waldo Bastian escreveu:
> > On Wednesday 01 August 2001 12:53 pm, Roberto Teixeira wrote:
> > > Em Quarta 01 Agosto 2001 18:52, Torsten Rahn escreveu:
> > > > Malte Starostik wrote:
> > > > > Hmm, indeed. Would it be okay to simply disable auto completion for
> > > > > now (to not introduce a new string for the config dialog :)?
> > > >
> > > > Why would one need a new string for the config-dialog here?
> > >
> > > An option like "Do not use AutoCompletion on encrypted sites"?
> >
> > Sorry, security is not optional.
> 
> That would make a nice .sig file ;-)
> 
> You're right, though. It makes a lot more sense to simply disable
> autocompletion on encrypted pages.

Hi,

Is that perhaps overkill?  From what I gather, passwords are already
protected, and the only other item we are concerned about is credit card
numbers.  Well, those are relatively easy to identify:  '^[0-9 -]{6,}$'
(this net is too large as well but I would think most other forms with
over 5 chars have at least one alpha character).  Maybe just disable if
that regex matches?  I think we will get 1,000,000 bug reports saying
"form completion does not work sometimes", and really it would not be
unreasonable to consider complete disabling of auto-completion based on
http/https a UI bug.

Ciao,

Dre

[prev in list] [next in list] [prev in thread] [next in thread]