Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Ensure password inputs are masked when switching type #1170

Merged
merged 3 commits into from
Mar 20, 2023
Merged

feat: Ensure password inputs are masked when switching type #1170

merged 3 commits into from
Mar 20, 2023

Conversation

mydea
Copy link
Contributor

@mydea mydea commented Mar 8, 2023

This PR improves masking of <input type="password"> elements in the case that their type is switched to text. This is quite common in modern UI, where often you have a button to "show password" while typing it. We should still mask this content in that case as if it was a password, in order to prevent accidentally capturing this unmasked.

This is done by adding an data-rr-is-password attribute to the input in the case where the type is changed from password to something else.

Note: While at it, I also changed the code to actually accommodate uppercase type, as e.g. <input type="PASSWORD"> is valid but would not have been masked previously, as we never converted the type to lowercase.

@changeset-bot
Copy link

changeset-bot bot commented Mar 8, 2023
edited
Loading

🦋 Changeset detected

Latest commit: 2869161

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 7 packages
Name Type
rrweb-snapshot Minor
rrweb Minor
rrdom Minor
rrdom-nodejs Minor
rrweb-player Minor
@rrweb/types Minor
@rrweb/web-extension Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@mydea mydea mentioned this pull request Mar 8, 2023
Merged
@mydea
feat: Ensure password inputs are masked when switching type
bdfa260 
Apply formatting changes

use data- attribute


ref: Ensure type is always lowercased


add changeset
@mydea
extract into util
40be43a
@mydea mydea force-pushed the fn/handle-password-type-change branch from 22757c8 to 40be43a Compare March 20, 2023 09:59
YunFeng0817
YunFeng0817 approved these changes Mar 20, 2023
View reviewed changes
Copy link
Member

@YunFeng0817 YunFeng0817 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@YunFeng0817 YunFeng0817 merged commit d2582e9 into rrweb-io:master Mar 20, 2023
@github-actions github-actions bot mentioned this pull request Mar 20, 2023
Merged
@mydea mydea mentioned this pull request Mar 20, 2023
Merged
@YunFeng0817 YunFeng0817 mentioned this pull request Mar 22, 2023
Merged
This was referenced Mar 23, 2023
Open
Open
@re-fort re-fort mentioned this pull request Apr 11, 2023
Merged
This was referenced Jul 6, 2023
Closed
Closed
Closed
@billyvg billyvg mentioned this pull request Jul 17, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YunFeng0817 YunFeng0817 YunFeng0817 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mydea @YunFeng0817