Of course, right after I send it, I find the updated bug report under Commons Validator, still open:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=23652 > -----Original Message----- > From: Joe Hertz [mailto:[EMAIL PROTECTED] > Sent: Sunday, November 23, 2003 6:55 AM > To: 'Struts Users Mailing List' > Subject: Password Validation MinLength not checked, not going to be? > > > Depends=required,minlength doesn't work (despite the example > in SIA and all over the net now...). > > According to http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19595 > this bug is marked as WontFix as "Password fields are > deliberately not checked in this way for security reasons" > > Should I interpret this as declarative that any javascript > validation of a password length is inherently insecure???? I > have a hard time believing that given javascript supports > this in the language. > > People keep submitting this one, obviously not getting it (like me!). > > What's the logic here?? > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]