search

My-Little-Forum / mylittleforum

A simple PHP and MySQL based internet forum that displays the messages in classical threaded view (tree structure)
GNU General Public License v3.0
124 stars 48 forks source link

Change: add new attribute "writingsuggestions" with value "false" #744

Closed auge8472 closed 2 months ago

auge8472 commented 2 months ago

When displaying a password input field as plain text (switching input type from password to text) browsers may send the value to a server not only for spellchecking but more recently also to AI. This may be a local browser based but can also be a server based solution. This would result in another cause of exposure of passwords to probably external services.

The new attribute writingsuggestions with the value false prevents AI based suggestions (exposure to the web based AI-service) for the password, if the password is shown as plaintext. This is necessary because the default value of writingsuggestions is true. Whoever made this decision for whatever reason should be struck by lightning while taking a dump!

auge8472 commented 2 months ago

Additional informations via CanIUse?