Bug 6598 (int-150992)

Summary: Browser should display passwords one character at a time like other applications
Product: [Maemo Official Applications] Browser Reporter: David W. Aquilina <maemo-bz>
Component: User interfaceAssignee: unassigned <nobody>
Status: RESOLVED FIXED QA Contact: browser-bugs
Severity: normal    
Priority: Low CC: andre_klapper, bonerp, darryl-mailinglists, tuukka.tolvanen
Version: 5.0/(2.2009.51-1)Keywords: upstream
Target Milestone: 5.0/(10.2010.19-1)   
Hardware: All   
OS: All   
URL: https://bugzilla.mozilla.org/show_bug.cgi?id=514212

Description David W. Aquilina (reporter) 2009-12-05 04:45:05 UTC 
SOFTWARE VERSION: 1.2009.42-11.002
(Settings > General > About product)

EXACT STEPS LEADING TO PROBLEM: 
(Explain in detail what you do (e.g. tap on OK) and what you see (e.g. message
Connection Failed appears))
1. Go to a site where you need to login, such as
https://www.livejournal.com/login.bml
2. Enter your username. 
3. Enter your password. Note that unlike other applications in the system (such
as Settings -> VoIP and IM accounts -> New account setup) the characters are
not momentarily displayed as you type them. The browser does however realize
that it's a password as it displays asterisks. 

EXPECTED OUTCOME: Character you type is momentarily displayed before being
replaced with an asterisk.

ACTUAL OUTCOME: You only see asterisks, making it harder to accurately enter in
passwords. 

REPRODUCIBILITY: always

EXTRA SOFTWARE INSTALLED: AdBlock
Comment 1 timeless 2009-12-05 19:21:19 UTC 
Sorry, we're not going to fix this.

The code is owned and maintained by mozilla.org. If you think this would be a
useful feature for Mozilla's Mobile Firefox product, then please use
https://bugzilla.mozilla.org/enter_bug.cgi?product=Fennec to report the problem
to them.
Comment 2 David W. Aquilina (reporter) 2009-12-05 19:29:37 UTC 
Okay, I'll file a bug with Mozilla, however, I do think this is a bit lame:

Part of the role of a distributor should be to make the system a coherent
whole. The fact that the Browser behaves differently than the rest of the
system is mentally jarring, in this case very inconvenient, and results in a
worse customer experience.
Comment 3 timeless 2009-12-05 19:32:41 UTC 
FWIW, we have sign off for "the browser is the browser and the platform is the
platform".

Please do provide the url for your newly filed bug here. If it's fixed by
upstream for 1.9.2 soon enough, there's hope of us integrating it into some
future service release.

But simply put, we have very limited resources and the password field is
incredibly sensitive code. Setting virtually any of our engineers against that
code is like setting a bull loose in a china shop - sure, it might make it out
the other end, but....
Comment 4 David W. Aquilina (reporter) 2009-12-05 20:32:40 UTC 
Understood regarding the sensitivity of password handling... 

I've filed a bug with mozilla:
https://bugzilla.mozilla.org/show_bug.cgi?id=533095
Comment 5 timeless 2009-12-05 21:04:45 UTC 
thanks
Comment 6 David W. Aquilina (reporter) 2009-12-07 17:18:39 UTC 
Hit the wrong bug... oops.
Comment 7 Andre Klapper maemo.org 2009-12-09 22:09:54 UTC 
Fixed upstream in 1.9.2.
Comment 8 timeless 2009-12-10 02:20:40 UTC 
For reference, the fix is gated by 'MOZ_GFX_OPTIMIZE_MOBILE', i have no idea if
we currently use that gate (it seems like an awfully strange gate for a feature
relating to keyboard behavior, but hey).

If we've pulled in that part of 1.9.2 and if we have that define, then this
might be fixed in a future release (note that 1.9.2 will not come with the
first service release, it might come with the second if all the stars align).
Comment 9 timeless 2010-01-13 17:22:35 UTC 
*** Bug 7911 has been marked as a duplicate of this bug. ***
Comment 10 Andre Klapper maemo.org 2010-02-03 19:35:33 UTC 
*** Bug 6966 has been marked as a duplicate of this bug. ***
Comment 11 tuukka.tolvanen nokia 2010-02-04 04:00:43 UTC 
fixed @ 10.2010.05-4
Comment 12 Andre Klapper maemo.org 2010-03-15 20:51:20 UTC 
Setting explicit PR1.2 milestone (so it's clearer in which public release the
fix will be available to users).

Sorry for the bugmail noise (you can filter on this message).