[Borges-users] HTMLRenderer extension
Eric Hodel
drbrain at segment7.net
Mon Apr 12 22:44:59 EDT 2004
Eric Hodel (drbrain at segment7.net) wrote:
> Eric Hodel (drbrain at segment7.net) wrote:
>
> > The way #password_input_on is implemented, it may expose the password to
> > the user. Should instead value be set to '********' rather than
> > obj.send(sym)?
>
> I pondered, then checked in this version.
>
> Better to be safe.
Still unsatisfied, I'm now only filling in password_input_on if the
value returned by obj.send(sym) is neither nil nor empty:
value = "" if current_password.nil? or current_password.empty?
--
Eric Hodel - drbrain at segment7.net - http://segment7.net
All messages signed with fingerprint:
FEC2 57F1 D465 EB15 5D6E 7C11 332A 551C 796C 9F04
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://rubyforge.org/pipermail/borges-users/attachments/20040412/d58d0873/attachment.bin
More information about the Borges-users
mailing list