[whatwg] Web Forms attributes: minlength / autocomplete

Thomas Broyer t.broyer at gmail.com
Wed Jun 6 07:17:31 PDT 2007

2007/6/6, Sander:
> Anne van Kesteren schreef:
> >>> Why can't you use pattern= for this?
> >>
> >> Maybe I could use that, but as a front-end developer I'm not aware of
> >> all the possibilities and grammar of regular expressions (as goes for
> >> a lot of front-end developers I guess, even proffessionals).
> >> I guess pattern can be used instead of the maxlength and required
> >> attributes as well and it even makes the input types email and url
> >> obsolete (in a technical manner).
> >
> > No it does not. It does not serve the same purpose as required and
> > does not allow the user agent to recognize email or url input controls.
> But if you can use pattern to define a minimal length, than I'm sure you
> can define a minimal length bigger than 0, which makes it required.

No, because "Controls with no value selected do not need to match
their pattern. (Although if they are required controls, they will stop
submission for that reason anyway.)"
    — http://www.whatwg.org/specs/web-forms/current-work/#the-pattern

In other words: you can leave it empty, but if you don't, you must
follow this pattern.

> Using a 'required' attribute is much easier of course, but so would be
> minlength.

Yes, minlength could be handy, but pattern=".{3,}" is not that
difficult (equivalent to minlength=3 here).

> As for the input type url and email... you're right But why is it
> necessary that user agent recognize these as such? If it's because they
> have to be able to validate the values of these fields then pattern
> would be sufficient as well. The semantics would not be the same of
> course and that's why I added "(in a technical manner)".

UAs are expected to let you choose a VCard in your address books or an
URL from either a VCard or your browser's history or bookmarks.

See also the VCARD_NAME attribute:

...but emails and URLs are what people really use actually (when
giving information about someone else).

> Just to avoid misunderstanding: I'm not at all against the attributes
> required and maxlength or the input types url and email. I'm just
> wondering why the same argument is accepted for some attributes, but
> rejected for others.

Re required, see above.
maxlength was already in HTML4, so (i guess) it's kept merely for
backwards compatibility, but is actually equivalent to a
pattern=".{,N}" where N is the maxlength value.
minlength doesn't exist, and given that you can achieve the same
effect using a pattern (see above), there's no real reason to
introduce yet another attribute.

> For instance some reference codes, zip codes or telephone numbers have a
> certain length, but maybe not alway the same notation.
> As you know telephone numbers in the Netherlands have 10 digits, but
> some people prefer to write them all together, and others seperate them,
> using spacers and/or hyphens. If you want to allow people to write their
> number in their own fashion (which is a good thing from a usability
> point of view) then you know the number must be at least 10 characters
> long. Same for Dutch zip codes that are sometimes written with a space
> in them and sometimes not, but they're at least 6 characters long.

Actually, for phone numbers, i think you should really use a pattern...
e.g. pattern="[\s()-.]*([0-9][\s()-.]*){10}"
(allows for any number of spaces, parens, dots or hyphens, followed by
exactly 10 digits, which eventually are seperated by any number of
spaces, parens, dots or hyphens; then on the server side, you just
remove ever space, paren, dot and hyphen and you're given a 10-digit
phone number)

> Perhaps you want users to come up with a password that's at least 6
> characters long or maybe you just want your replicants to come with a
> better argument than "just because", so you could set minlength="13" ;-)
> I'm sure there are hundreds of uses for a minlength attribute, and
> pattern is just harder to use because of the regular expressions. I'd
> even say it's too hard to use for a lot of people.

For the use cases you're giving, you probably want some server-side
code to do some additional checks (is the password containing at least
one letter and one number? does it contain some illegal characters?).
These checks could be done on the client-side with no coding, just
using pattern=.

For the minlength= use case, maybe a "note to authors" in the spec
giving pattern=".{N,}" or pattern="[\s\S]{N,}" as a replacement would
be enough ("replace N with the minimum length of the field value")

Thomas Broyer

More information about the whatwg mailing list