[Borges-users] HTMLRenderer extension
Eric Hodel
drbrain at segment7.net
Mon Apr 12 20:10:50 EDT 2004
Eric Hodel (drbrain at segment7.net) wrote:
> Kaspar Schiess (eule at space.ch) wrote:
>
> > r.password_input_on(:password, self)
>
> There's a problem with this one:
>
> > + ##
> > + # Creates a password input containing +value+. It is however
> > + # not a good idea to output the current password to html, since
>
> The way #password_input_on is implemented, it may expose the password to
> the user. Should instead value be set to '********' rather than
> obj.send(sym)?
I pondered, then checked in this version.
Better to be safe.
--
Eric Hodel - drbrain at segment7.net - http://segment7.net
All messages signed with fingerprint:
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://rubyforge.org/pipermail/borges-users/attachments/20040412/0edba527/attachment.bin
More information about the Borges-users
mailing list