Stdin should be an error on platforms that don't support it

[back2dos]

Followup on #18

[kevinresol]

Was thinking how to deal with https://github.com/haxetink/tink_cli/issues/2, is it possible that tink_io provide some sort of "secureStdin" which will not echo user's input to the screen?

The haxelib implementation is here.

[back2dos]

My advice: don't follow that path, for at its end lies only madness! :D

In essence Sys.getChar(false) is a lot different from reading from stdin. It puts the input stream into raw mode, assuming it's a tty (TeleTYpewriter) stream, in which case you can read raw keystrokes (so Ctrl+C won't send a SIGTERM but rather an ASCII control sequence - which is why you can't exit in haxelib's password prompt). The docs of node's tty module explain that. So for example if you pipe a file into a process it's not a tty stream, so you can't set it to raw mode.

If you still want to plunge into this, I suggest having a look at node's readline module that can be used for password input as discussed here: http://stackoverflow.com/questions/24037545/how-to-hide-password-in-the-nodejs-console

[kevinresol]

I suggest having a look at node's readline module

Yay I just read that. I think I have an idea now. So basically it is just reading the stdin one byte at a time and write some escape sequences to stdout to wipe out the stuff.

[kevinresol]

But I am afraid the escape sequence won't work on windows cmd prompt. Have to test.