perry-mitchell
commented
1 year ago Hi @Lovinity. Most inputs don't specify an exact number of characters - it's usually not necessary nor predictable. Not only are fonts a tricky thing (so rendering them might look different in different browsers), but peoples' passwords and usernames usually always differ in length. So lengthening/shortening a field isn't usually going to affect the display of data so much. I do agree that there might be cases where it does, such as with say OTP codes, but this is definitely on the rare side.
Right now in the new refactored version, I'm considering allowing 2-3 different modes of operations for the input attachment.. Something like this:
- Option 1: Use the current exterior button
- Option 2: Use an interior button (image that appears inside the input, increasing right-side padding to shorten the text portion)
- Option 3: Use no button at all
For the 3rd option the user can either auto-login via the standard menu or right-click on the input or page to control Buttercup.
I think we can agree that there will never likely be any one-size-fits-all solution here. Maybe this can even be overridden per domain. Maybe we could even have some central database of configurations for domains in terms of what works, and users can benefit from that if they so choose. This is definitely still a WIP.
I've been noticing that when buttercup places its button on input forms, it interferes with HTML sizing conventions.
Let's say I have a username input field that I set to be exactly 10 characters big. When Buttercup places the button on the field, a couple of the characters get hidden (effectively, only 7-8 characters are visible).
A potential solution is for Buttercup to re-size the field to make it bigger and accommodate the button, but this could break website layouts and responsive design.
I think a better approach is not using injected buttons but instead use something that does not modify anything on the page directly (such as a tooltip, floating icon next to the field when the user clicks inside it, etc.). This will ensure web page designs are not broken by the password manager.