[whatwg] Constraint validation for maxlength

Aryeh Gregor Simetrical+w3c at gmail.com
Thu Jul 22 14:18:36 PDT 2010


maxlength predates all the other form validation attributes by many
years.  Historically, browsers would prohibit users from entering text
beyond the maxlength of an input or textarea, but would not prohibit
form submission.  HTML5 changes this:

"""
Constraint validation: If an element has a maximum allowed value
length, and its dirty value flag is true, and the code-point length of
the element's value is greater than the element's maximum allowed
value length, then the element is suffering from being too long.
"""
http://www.whatwg.org/specs/web-apps/current-work/multipage/association-of-controls-and-forms.html#limiting-user-input-length

If I read it correctly, this means that pages that previously worked
no longer will, if a script sets the value of the input to something
longer than the maxlength.  Something like this was reported against
Chromium (although in this case it was more of a browser bug for
autofilling passwords beyond maxlength):

http://code.google.com/p/chromium/issues/detail?id=45640#c2

These two test cases show that Opera maintains the legacy behavior
(not compatible with the spec) and submits the forms regardless of
maxlength violations, while WebKit (Chromium) blocks submission as
required by the spec:

data:text/html,<!doctype html><body
onload="document.getElementById('a').value='foo'"><form><input id=a
maxlength=2><input type=submit></form>Try to submit the form

data:text/html,<!doctype html><form><input id=a><input
type=submit></form><a href=""
onclick="document.getElementById('a').maxLength = 2; return
false">Enter "foo" into the input, click here, then try to submit</a>

Should the spec (and WebKit) be changed here, or should Opera change?


More information about the whatwg mailing list