From: Karl Dahlke <eklhad@comcast.net>
To: Edbrowse-dev@lists.the-brannons.com
Subject: [Edbrowse-dev] Disabling local echo for password fields
Date: Sun, 09 Jul 2017 17:45:13 -0400 [thread overview]
Message-ID: <20170609174513.eklhad@comcast.net> (raw)
In-Reply-To: <20170709144030.GA24038@nautica>
[-- Attachment #1: Type: text/plain, Size: 2160 bytes --]
I got the patch out of github, it will take a while to look through, not a lot of code but a lot of little changes all over the place.
Here is the ipass block with some thoughts.
/* special command for hidden input */
if (!strncmp(line, "ipass", 5)) {
char *p, *c;
char buffer[MAXUSERPASS];
int realtotal;
if (!cw->browseMode && (cmd == 'i' || cx)) {
# why query cmd and cx, neither has been set to anything at this point.
# cmd is the default p for print, I think.
setError(MSG_NoBrowse);
return false;
}
if (endRange > startRange && cmd == 'i') {
# again, cmd will not be set to i.
# Did you test all these cases? 1,3ipass will probably not fall into this
# block the way you want it to. You should test every pathway.
setError(MSG_RangeI, c);
# c has not been set.
# setError(MSG_RangeI, '=');
return false;
}
s = line + 5;
# is cx set to 0 at this point? I think so.
if (isdigitByte(*s))
cx = strtol(s, (char **)&s, 10);
else if (*s == '$')
cx = -1, ++s;
/* XXX try to guess cx if only one password input field? */
cw->dot = endRange;
p = (char*)fetchLine(cw->dot, -1);
findInputField(p, 1, cx, &n, &realtotal, &tagno);
debugPrint(5, "findField returns %d.%d", n, tagno);
if (!tagno) {
fieldNumProblem(0, "ipass", cx, n, realtotal);
return false;
}
prompt_and_read(MSG_Password, buffer, MAXUSERPASS,
MSG_PasswordLong, true);
tagList[tagno]->itype = INP_PW;
# Hold it! I have a real problem overriding the html tag type.
# Mostly on philosophical grounds. I think others will as well.
# Chris says it is always password when it's suppose to be a password,
# almost always, so don't think we should change it.
# In an extreme case it could have been a select list, menu of choices,
# and now it's just a password text field and I'm sure that will
# make something blow up somewhere.
rc = infReplace(tagno, buffer, true);
return rc;
}
I haven't looked at the other routines.
edbrowse is a fragile thing, maybe because it isn't coded well,
I admit that, it just means we have to look at each line of code as it walks in the door.
Karl Dahlke
next prev parent reply other threads:[~2017-07-09 21:44 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-03 5:19 Dominique Martinet
2017-07-03 11:29 ` Karl Dahlke
2017-07-07 12:13 ` Chris Brannon
2017-07-07 13:35 ` Dominique Martinet
2017-07-09 14:40 ` Dominique Martinet
2017-07-09 15:45 ` Karl Dahlke
2017-07-09 21:45 ` Karl Dahlke [this message]
2017-07-10 4:56 ` Dominique Martinet
2017-07-11 4:32 ` Chris Brannon
2017-07-12 6:11 ` Dominique Martinet
2017-07-12 12:27 ` Chris Brannon
2017-07-12 12:55 ` Dominique Martinet
2017-07-12 14:32 ` Chris Brannon
2017-07-12 15:02 ` Dominique Martinet
2017-07-12 22:00 ` Chris Brannon
2017-07-12 16:56 ` Karl Dahlke
2017-07-12 12:44 ` Karl Dahlke
2017-07-15 11:29 ` Dominique Martinet
2017-07-15 12:27 ` Chris Brannon
2017-07-15 23:42 ` Karl Dahlke
2017-07-16 2:22 ` Chris Brannon
2017-07-17 14:04 ` Chris Brannon
2017-07-17 14:39 ` Dominique Martinet
2017-07-17 14:45 ` Chris Brannon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170609174513.eklhad@comcast.net \
--to=eklhad@comcast.net \
--cc=Edbrowse-dev@lists.the-brannons.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).