make text interface consistent for password fields in respect to native markup and aria roles

RESOLVED INCOMPLETE

Status

()

Core
Disability Access APIs
RESOLVED INCOMPLETE
8 years ago
2 years ago

People

(Reporter: surkov, Unassigned)

Tracking

(Blocks: 1 bug, {access})

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [auto-closed:inactivity])

(Reporter)

Description

8 years ago
nsHyperTextAccessible uses final role for text interface implementation, the same time nsMaiInterfaceText uses role from native markup. So if we have an example

<input type="password" role="textbox"/>

then AT can get an access to hidden text. It doesn't sound like security problem though it can be used for cheating. Marking as security bug for now.

You're feedback is appreciated.
Is hiding this bug protecting anyone from being exploited? Seems like this bug could be unhidden.
(Reporter)

Comment 2

8 years ago
(In reply to comment #1)
> Is hiding this bug protecting anyone from being exploited? Seems like this bug
> could be unhidden.

It sounds no. Ok. It seems to me I don't have rights for this :)
Group: core-security
(Reporter)

Updated

7 years ago
Blocks: 343213
AUTO-CLOSED. This bug untouched for over 2000 days. Please reopen if you can confirm the bug and help it progress.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → INCOMPLETE
Whiteboard: [auto-closed:inactivity]
You need to log in before you can comment on or make changes to this bug.