Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Role Parity] What do we do about input (type=password)? #935

Open
joanmarie opened this issue Apr 9, 2019 · 19 comments
Open

[Role Parity] What do we do about input (type=password)? #935

joanmarie opened this issue Apr 9, 2019 · 19 comments
Assignees
@stes-acc
Milestone
2024

Comments

@joanmarie
Copy link
Contributor

No description provided.

@joanmarie joanmarie added this to the ARIA 1.2 milestone Apr 9, 2019
@LJWatson
Copy link
Contributor

My concerns with the password role still exist. unless we can guarantee screen reader implementations close the security gap, I don't think we can create this role in good consciounce.

@joanmarie
Copy link
Contributor Author

@LJWatson understood. Related question though: Since one of the primary motivators of parity is to make custom elements / web components accessible, do we happen to know if there's going to be a custom password element?

@LJWatson
Copy link
Contributor

Since one of the primary motivators of parity is to make custom elements / web components accessible, do we happen
to know if there's going to be a custom password element?>

There is already at least one example password Web Component available on webcomponents.org

@jnurthen
Copy link
Member

There is already at least one example password Web Component available on webcomponents.org

Thanks. This example seems to use input type=password as a child element so could be made accessible without a password role.

@jnurthen jnurthen modified the milestones: ARIA 1.2, ARIA 1.3 Sep 26, 2019
@jnurthen
Copy link
Member

As detailed at https://github.com/w3c/aria/wiki/Plans-regarding-role-parity#no-consensus-yet-will-do-for-1-3 moving to 1.3

@johnfoliot
Copy link

There are significant security concerns about this suggestion (role="password") which have been previously discussed in the ARIA WG.

As Léonie notes, until such time as both screen reader vendors AND browser vendors ALL agree to treat this proposed role with all of the same security considerations currently afforded input type="password" (on-screen masking, obfuscated audio output, etc.) I would be prepared to object to the creation of this role, up-to and including a Formal Objection, based on these security concerns.

@jnurthen
Copy link
Member

@johnfoliot threatening a formal objection when moving a milestone to a later release seems excessive. We are all aware of your opinions on this topic.

@johnfoliot
Copy link

johnfoliot commented Sep 27, 2019 via email

@jnurthen
Copy link
Member

  1. The working group was been asked to provide role parity to HTML in the 1.2 timeframe
  2. Issues were logged where there is not parity with HTML
  3. Issues for which there is no clear path forward have been moved to 1.3 at this time.

As I previously said and will say again - the working group is well aware of your objections - and this is one of the reasons we did not propose providing role parity in ARIA 1.2 for password fields. There is no reason to make them again every time minor housekeeping is done on an issue.

@johnfoliot
Copy link

johnfoliot commented Sep 27, 2019 via email

@joanmarie
Copy link
Contributor Author

See also discussion in #166

@joanmarie joanmarie mentioned this issue Nov 19, 2019
Closed
@annevk
Copy link
Member

annevk commented Nov 20, 2019

I think the way to solve this is to not have a public API for the password role (i.e., role="password" is the same as role="gibberish"), but ask it to be implemented for at least <input type=password>. Then if that implementation is solid, make role="password" work as well.

At least, from my reading of @LJWatson's post the primary concern is how this is rolled out and tested and it seems we could be pretty flexible with that.

@johnfoliot
Copy link

@annevk If we have a role of "password" it must operate exactly like the native input type of "password" W.R.T. Screen Reader behavior: visible on-screen text is replaced with "*" AND the screen reader announces "star, star, star..." (or similar).

However, this may also contravene the long-standing axiom that ARIA does not effect any visual change to the visual UI. Here however, (or a similar custom component with the same intended functionality) needs to effectively override the semantics AND visual behavior of the native input type of text, effectively turning it into <input type of "password"> by obfuscating the text inputted both visually and auditorally.

If the browser vendors are in agreement to make this exception to the long-held "rule", it would break the log-jam IMHO

@annevk
Copy link
Member

annevk commented Dec 21, 2019

I don't think we could guarantee it to be hidden visually. A site today could also listen for the keyboard events and display things, no?

@jnurthen
Copy link
Member

I don't think we could guarantee it to be hidden visually. A site today could also listen for the keyboard events and display things, no?

Some flavours of Amazon’s login page do this today.

@LJWatson
Copy link
Contributor

@annevk suggested:

I think the way to solve this is to not have a public API for the password role (i.e., role="password" is the same as role="gibberish"), but ask it to be implemented for at least . Then if that implementation is solid, make role="password" work as well.>

Can you explain this more?

@annevk
Copy link
Member

annevk commented Dec 22, 2019

Define the private API, ensure it meets the needs, is implemented, and is what <input type=password> uses, and only once all that is done add a public API. (Another way of describing this is ensuring all software involved agrees on the underlying model before exposing an API to that model.)

@LJWatson
Copy link
Contributor

Thanks @annevk, and also @stevefaulkner for talking through the proposal.

If I understand the proposal, the first step would be to map the current behaviours of the native password input to role password, then once that was robustly supported open up the API so it could be set by authors? If so this seems like a good approach I think.

@7mary4
Copy link

7mary4 commented Jan 7, 2020

We have a tax form that includes personal information that a person may want to hide visually. For instance, their social security number. We tried using type="password" but this causes undesirable autocomplete functionality.
image

We tried using type="text" and visually obscuring the text, but the value was still announced to a screen reader.
This led us to try aria-valuetext, which is not valid for a text input. But this brings up an instance where an input may have a value, but we'd like to pass a different value to the accessibility api.

@kentcdodds kentcdodds mentioned this issue May 12, 2020
Closed
@noppa noppa mentioned this issue Jun 16, 2020
Closed
@jnurthen jnurthen modified the milestones: ARIA 1.3, ARIA 1.4 Mar 4, 2021
@stes-acc stes-acc self-assigned this Mar 4, 2021
@scottaohara scottaohara mentioned this issue Jul 8, 2022
Closed
@dgdavid dgdavid mentioned this issue Sep 18, 2023
Merged
@dd8 dd8 mentioned this issue Oct 2, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stes-acc stes-acc

Labels
None yet
Projects
None yet
Milestone
2024
Development

No branches or pull requests
7 participants
@7mary4 @johnfoliot @annevk @jnurthen @joanmarie @LJWatson @stes-acc