[whatwg] Exposing spelling/grammar suggestions in contentEditable

[timeless]

On Sun, Nov 28, 2010 at 12:32 PM, Ashley Sheridan
<ash at ashleysheridan.co.uk> wrote:
> But why would a password field ever be tied to a contentEditable section?

I did not say that <html:input type=password> was the source of
password data that was learned by the spell checker.

I said that a spell checker could learn passwords. In fact on the
platforms I use, spell checkers are system global (e.g. OS X), not
browser local.

> As
> far as I was aware, password fields are very special, and don't do a lot of
> things that other fields do, so it wouldn't be difficult for it to not do
> something else would it?!

Input Methods are also system global. On mobile platforms you often
have a Terminal application which doesn't hint to the IME when a
remote session is masking passwords. Thus the IME has no way of
knowing that what you're typing is a password.

Have you ever tried to write a shell which was fully aware of what a
(potentially localized) password prompt looked like? It's pretty much
impossible. When presented with complaints that "dictionaries are
learning passwords", UI designers take the "oh no!, let's turn off the
dictionary for app A!" approach, this doesn't help app B nor does it
help the user (where most of the learned "words" are in fact used
frequently and worth not having to type out).

On old mobile platforms the closest things to a spell checker is the
completion dictionary (new "words" are managed automatically by the
IME). - This includes Maemo 5 which was released in 2009, not a long
time ago.

Given past behaviors of IME/dictionaries, I think it isn't
unreasonable to expect similar behavior in future dictionaries on
future platforms.