You can clone with
HTTPS or Subversion.
As HTML5 is now officially supported in Contao, I'd like to see password input fields disabling autocomplete in the backend / DCA by default, and maybe some frontend password input fields (most notably the password reset field in the "personal data" module). You should also be able to set the autocomplete attribute via DCA.
What about backwards compatibility / XHTML1 mode? No problem! Though autocomplete is only standardized in HTML5, the attribute has been honoured by most user agents for months and years. All other verions of user agents simply ignore the attribute. It won't validate in non-HTML5 but it won't trigger any error.
Related issues: #2835, #2902
--- Originally created on April 19th, 2011, at 03:58pm (ID 3019)
Does autocomplete off mean that you are not able to use the browser's password manager anymore?
--- Originally created on April 27th, 2011, at 01:53pm
I dont think it is related to the password manager. I tells the browser not to store values you previously entered into that field. Highly important on credit card fields, I suppose password fields are disabled from autocompletition automatically.
--- Originally created on April 27th, 2011, at 02:04pm
It should mean that the user agent won't fill out any input element or form by itself where autocomplete is off. I guess it will disable the password manager if used in a login form (don't know what happens if only used with the password field – might disable auto-write of the password but not user name).
IMO, it should be added to all backend password and other sensitive input fields (to prevent the user agent from accidently entering the backend user's password in another user's password field – see #2835).
It could be added to the backend login form, to prevent people from storing sensitive login data in a browser. It should not be added to any frontend login form.
It could also be added to all backend forms but this could prevent the (very helpful) "previously entered data dropdowns" to disappear. Haven't tested that one yet.
--- Originally created on May 7th, 2011, at 03:28pm
Implemented in b895a58.
--- Originally created on May 30th, 2011, at 03:36pm
--- Originally completed on May 30th, 2011, at 03:36pm
Maybe it's a really good idea to deactivate the autocomplete function of all fields in the configuration and all other backend forms.