-
FEATURED COMPONENTS
First time here? Check out the FAQ!
I had a problem where the browser autofilling the login fields will not update the corresponding ViewModel variables.
After searching some solutions (and finding out some old threads with solutions that didn't work on my case) I have done something like this, and it works.
<zk xmlns:n="native">
<window id="loginbox" apply="org.zkoss.bind.BindComposer" viewModel="@id('vm') @init('package.AuthenticationVM')">
<div>
<textbox id="userinput" value="@bind(vm.username)" constraint="no empty" instant="true" />
<textbox id="pwdinput" value="@bind(vm.password)" type="password" constraint="no empty" instant="true" />
<button id="btnSubmit" onClick="@command('submit')"
label="Sign In" />
</div>
<script defer="true">
jq('$btnSubmit').click(function() {
fixAutofill();
});
function fixAutofill() {
jq('$userinput').blur();
jq('$pwdinput').blur();
}
</script>
</window> </zk>
Is this a good solution? Can it be improved? Is it secure to have a password handled like this?
Hello MaurizioB,
As per security probably is not the best approach since autofill could expose users to security risks.
http://www.thewindowsclub.com/browser-autofill-feature-could-be-a-security-risk-for-users
Best Regards,
Darksu
Hi Darksu, from my understanding, the issue is not about whether autofill is risky or not, because that's up to the user's choice. The problem I see and I experience as well is that form's fields are filled by Chrome but ZK does not recognize it. So the user ends up to seeing a pre-filled form with username and password but when she/he hits the Submit button she/he gets error message. That could mislead her/him to press the "forgot password" button. That's crearly an annoying behaviour.
Asked: 2017-03-10 14:38:19 +0800
Seen: 47 times
Last updated: Mar 13 '17