Þann sun 10.júl 2011 08:08, skrifaði Alex Vincent:
/**
* Check if a password field's value matches another.
*
* @param otherPassword Another password element.
*
* @throws Error if this.type != "password"
* @throws Error if other.type != "password"
*
* @returns Boolean True if the fields match.
*/
boolean passwordEquals(in HTMLInputElement otherPassword);
I believe this to belong to CSS. User agents could either ask or require
users to input error-prone and important fields twice, without
submitting the same value twice. This could be the default rendering (in
some UAs) for strong inputs (i.e. <input> descendants of <strong>). This
has the potential benefit of allowing media-aware prefixes for locales
where that makes sense (as in 'Retype Password' vs 'Confirm Password').
Note that the confirmation input in
<http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#the-required-attribute>
is optional.
<!DOCTYPE html>
<title>Register a FooBar account</title>
<form action=register method=POST>
<label>Username <input name=user required></label>
<strong><input type=password name=pass required></strong>
</form>
/**
* Check the strength of the password.
*
* @param type The type of check to execute.
*
* @returns 0 if dangerously low security
* @returns 1 if "soon-to-be-deprecated" low security
* @returns 2 if adequate security
* @returns 3 if good security
* @returns 4 if strong security
* @returns 5 if entropy-death-of-the-universe security :-)
*/
unsigned octet passwordStrength(in DOMString type);
I don't think this is a good idea. Can't user-agents warn about insecure
passwords without the help of author-supplied scripts?