X-Git-Url: https://git.cyclocoop.org/%28%28?a=blobdiff_plain;f=includes%2Fhtmlform%2FHTMLTextField.php;h=671dfdeee21857b649c84a5a3c12387a320e3925;hb=da1e91e84269a034ac2d3d48f0016718e2150ab7;hp=fb7584b7d11227ece1916e6e64ab2f932801af8d;hpb=26ff4482ae7db2f8171ad324065789878ddd26e4;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/htmlform/HTMLTextField.php b/includes/htmlform/HTMLTextField.php
index fb7584b7d1..671dfdeee2 100644
--- a/includes/htmlform/HTMLTextField.php
+++ b/includes/htmlform/HTMLTextField.php
@@ -14,7 +14,19 @@ class HTMLTextField extends HTMLFormField {
 		return null;
 	}
 
+	public function isPersistent() {
+		if ( isset( $this->mParams['persistent'] ) ) {
+			return $this->mParams['persistent'];
+		}
+		// don't put passwords into the HTML body, they could get cached or otherwise leaked
+		return !( isset( $this->mParams['type'] ) && $this->mParams['type'] === 'password' );
+	}
+
 	function getInputHTML( $value ) {
+		if ( !$this->isPersistent() ) {
+			$value = '';
+		}
+
 		$attribs = [
 				'id' => $this->mID,
 				'name' => $this->mName,
@@ -85,6 +97,10 @@ class HTMLTextField extends HTMLFormField {
 	}
 
 	function getInputOOUI( $value ) {
+		if ( !$this->isPersistent() ) {
+			$value = '';
+		}
+
 		$attribs = $this->getTooltipAndAccessKey();
 
 		if ( $this->mClass !== '' ) {
@@ -107,11 +123,9 @@ class HTMLTextField extends HTMLFormField {
 			'type',
 		];
 
-		$attribs += $this->getAttributes( $allowedParams, [
-			'maxlength' => 'maxLength',
-			'readonly' => 'readOnly',
-			'tabindex' => 'tabIndex',
-		] );
+		$attribs += OOUI\Element::configFromHtmlAttributes(
+			$this->getAttributes( $allowedParams )
+		);
 
 		$type = $this->getType( $attribs );