Sometimes the submitted text is not expected to show up as default
when the form is redisplayed after an error; password fields are
the obvious example for this, but in some cases (e.g. two-factor
token) it is useful for a normal text field to act like that as well.
The patch adds a new 'persistent' flag to HTMLTextField, which
defaults to false for passwords and true otherwise.
Change-Id: If0a52f61aa061bbb55bfdc76321ace7d3eaed934
return null;
}
+ public function isPersistent() {
+ if ( isset( $this->mParams['persistent'] ) ) {
+ return $this->mParams['persistent'];
+ }
+ // don't put passwords into the HTML body, they could get cached or otherwise leaked
+ return !( isset( $this->mParams['type'] ) && $this->mParams['type'] === 'password' );
+ }
+
function getInputHTML( $value ) {
+ if ( !$this->isPersistent() ) {
+ $value = '';
+ }
+
$attribs = [
'id' => $this->mID,
'name' => $this->mName,
}
function getInputOOUI( $value ) {
+ if ( !$this->isPersistent() ) {
+ $value = '';
+ }
+
$attribs = $this->getTooltipAndAccessKey();
if ( $this->mClass !== '' ) {