[whatwg] [WF2] Objection to autocomplete Attribute

Lachlan Hunt lachlan.hunt at lachy.id.au
Sat Mar 12 03:54:28 PST 2005


Hi,
   I realise I may be a little late with this issue, since WF2 seems to
be fairly stable, but nevertheless I would like to note my objection
to the inclusion of the autocomplete attribute [1].

Because autocomplete is a user agent feature designed to assist the user
with filling out forms, the decision for whether or not to use it should
lie with the user.  You should also keep in mind that a user agent
should act on behalf of the user at all times.

As a user, I depend on this functionality (including password managers)
to help remember various login names and passwords used for each site,
and to help type address details, e-mail addresses, URIs and any other
commonly entered values.

As a user, I also get to choose where and when such information is
remembered by my user agent, which is the purpose of the 'Do you want to
remember these values?' dialog for which I (or any other user) can
answer "yes", "no", "never for this site" or any other option provided
by the user agent.

The autocomplete attribute essentially gives this control to the author
of the document, rather than the user; and enabling or disabling any
user agent feature without the *user's* consent is a very user-hostile
act, which I will not tolerate.  Any user agent that obeys a directive
from a web page to disable a feature designed for the user is no longer
acting on behalf of the user, but rather on behalf of the author!

# Support for the attribute must be enabled by default, and the
# ability to disable support should not be trivially accessible,
# as there are significant security implications for the user if
# support for this attribute is disabled.

While it may be true that there are security implications if a user
agent remembers sensitive information, I strongly disagree with the
recommendation that the ability to disable the feature should not be
trivially accessible.  A user agent should be able to make any options
available to the user and such decisions should remain with the user
agent vendor, not with this or any other specification.

# Banks frequently do not want UAs to prefill login information:

That may be so, but that still does not give a bank (or other
organisation) the right to enforce such policies in my user agent.
Personally, I regularly make use of autocomplete to remember my account
login number on my personal computer and although I would not make the
same decision on a public computer, it is *my choice* to do so;
regardless of any guideline suggested by the organisation.

The security concerns of this user agent feature should be addressed by
the user agents, not this or any other document markup language
specification.  Please consider removing (or at least deprecating) this
proprietary attribute which should not be used by an author under any
circumstances.

(I do realise that this attribute is already supported by most UAs, but
luckily it is not widely used by any of the sites I frequently access
and I hope that will not change in the future.)

[1]
http://www.whatwg.org/specs/web-forms/2005-01-28-call-for-comments/#the-autocomplete

-- 
Lachlan Hunt
http://lachy.id.au/
http://GetFirefox.com/     Rediscover the Web
http://GetThunderbird.com/ Reclaim your Inbox







