#29379 closed New feature (fixed)
Add autocomplete attribute to contrib.auth fields
Reported by: | CHI Cheng | Owned by: | Hasan Ramezani |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Jeff | Triage Stage: | Ready for checkin |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description (last modified by )
Add autocomplete=username/email/current-password/new-password to contrib.auth builtin forms.
Pull request: https://github.com/django/django/pull/9921
The most useful one is autocomplete=new-password, which prevents browsers prefill with current password, Chrome will also suggest a random strong password for users who turned on account sync.
Related docs:
https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#autofill
https://www.chromium.org/developers/design-documents/form-styles-that-chromium-understands
https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion#The_autocomplete_attribute_and_login_fields
Change History (16)
comment:1 by , 7 years ago
Description: | modified (diff) |
---|
comment:2 by , 6 years ago
Patch needs improvement: | set |
---|
comment:3 by , 6 years ago
Triage Stage: | Unreviewed → Accepted |
---|
comment:4 by , 6 years ago
Cc: | added |
---|
comment:5 by , 6 years ago
Hi, what is the status of this pull request? I just wanted to open the same pull request and then I found this ticket...
comment:6 by , 6 years ago
After months of inactivity, feel free to take over the patch (crediting the original author), and polish it so as it can get in the review queue again.
comment:7 by , 6 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
PR https://github.com/django/django/pull/11070
Just a little change in https://github.com/django/django/pull/9921 so tests are passed.
Do we need to add tests for it? how?
comment:8 by , 6 years ago
Needs documentation: | set |
---|---|
Patch needs improvement: | unset |
Since this is marked as a new feature, you might want to add a line or two to the 3.0 release notes. I don't think you need to add anything to the documentation.
comment:9 by , 6 years ago
Needs documentation: | unset |
---|
comment:10 by , 6 years ago
Needs tests: | set |
---|
comment:11 by , 6 years ago
@Johannes Hoppe , I did your requested changes on the PR.
Any suggestion for the tests?
comment:13 by , 5 years ago
Triage Stage: | Accepted → Ready for checkin |
---|
This seems OK/good in theory. We're a bit ahead of the curve in terms of current browser support so there's a question about when (and whether) this gets adopted.
PR has failures that need addressing.