Opened 9 years ago
Last modified 9 years ago
#24202 closed New feature
Implement a SensitiveTextInput widget for sensitive input fields — at Version 1
| Reported by: | Håkan W | Owned by: | nobody |
|---|---|---|---|
| Component: | Forms | Version: | 1.7 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
If you're implementing Stripe, Adyen, or other big payment solutions today, then you can use client side encryption, where form fields are used for inputting e.g. credit card number (etc), but that will be encrypted before the form is submitted to the server. These fields should not be sent raw to the server, so you usually remove the name attribute on the input fields.
It would be really great if django had a SensitiveTextInput widget for purposes like this. This idea is from here: http://stackoverflow.com/questions/18116917/change-form-input-attribute-name-to-data-encrypted-name
Here's a suggested class:
# a text input widget with no name attribute class SensitiveTextInput(forms.TextInput): def build_attrs(self, extra_attrs=None, **kwargs): attrs = super(SensitiveTextInput, self).build_attrs(extra_attrs, **kwargs) if 'name' in attrs: del attrs['name'] return attrs
Change History (1)
comment:1 by , 9 years ago
| Component: | Uncategorized → Forms |
|---|---|
| Description: | modified (diff) |
| Type: | Uncategorized → New feature |
Note:
See TracTickets
for help on using tickets.