Sharing with password -- Pressing enter to save password cannot be discovered

[fmms]

I tried to reproduce http://article.gmane.org/gmane.comp.kde.devel.owncloud/6035 to open a bug for it.

However, I came to realize that it does not work at all. Setting the expiration date or enabling sharing is saved without an issue.

However, if i open the share menu and enter a password (press the lock icon) this is not saved. Looking at Firebug, nothing is transfered to the server doing so.

However there is no error message and thus I by accident shared without any password at all.

This is FF16 and ownCloud git.

[LukasReschke]

This may be related to oc-1949:

You have to hit enter after you type in a password and then it should say 'Password protected' inside the textbox. I'm not sure if this is the best user experience.

Can you confirm this?

[fmms]

Thanks alot @LukasReschke this was indeed the issue.

I think this is totally none discoverable.

Submitting the password after every key stroke seems like a security issue, as an attacker could see how long it is by counting requests.
I would suggest submit it on leaving the field or closing the menu.

Thanks for you quick help, would have never discovered that.

[LukasReschke]

I would suggest submit it on leaving the field or closing the menu.

This sounds resonable.

@MTGap what do you think?

[jancborchardt]

Yes, submit on blur is good, and there needs to be some feedback like on the email field in the personal settings. (Or better yet, like the account settings fields here on Github with just a checkmark.)

[schiessle]

I changed it to set the new password as soon as the password filed loses focus.