[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Waldo Bastian <bastian () kde ! org>
Date:       2001-08-01 21:49:39
[Download RAW message or body]

On Wednesday 01 August 2001 02:38 pm, Andreas Pour wrote:
> Hi,
>
> Is that perhaps overkill?  From what I gather, passwords are already
> protected, and the only other item we are concerned about is credit card
> numbers.  Well, those are relatively easy to identify:  '^[0-9 -]{6,}$'
> (this net is too large as well but I would think most other forms with
> over 5 chars have at least one alpha character).  Maybe just disable if
> that regex matches?  I think we will get 1,000,000 bug reports saying
> "form completion does not work sometimes", and really it would not be
> unreasonable to consider complete disabling of auto-completion based on
> http/https a UI bug.

That might work. Aren't credit card input fields sometimes split into 3 
seperate fields though? Maybe something like "don't store anything with more 
numbers than other characters". That would probably exclude dates and phone 
numbers as well though, I guess that's a small price to pay.

Cheers,
Waldo
-- 
Andrei Sakharov, Exiled 1980-1986, USSR, http://www.aip.org/history/sakharov/
Dmitry Sklyarov, Detained 2001-????, USA, http://www.elcomsoft.com/

[prev in list] [next in list] [prev in thread] [next in thread]