Skip to Content (Press Enter)
OutSystems.com
Personal Edition
Community
Support
Training
Training
Online Training
Developer Schools
Boot Camps
Certifications
Tech Talks
Documentation
Documentation
Overview
ODC
O11
Forums
Forge
Get Involved
Get Involved
Jobs
Ideas
Members
Mentorship
User Groups
Platform
Platform
ODC
O11
Search in OutSystems
Log in
Get Started
Back to Forums
Sathya Sekar
2
Views
1
Comments
Retaining values in password fields
Question
Security
Hi,
We have a page to create a customer record. As part of this, sensitive details such as the customer's SSN need to be entered. Our requirement is that such attributes require to be masked in the UI. We used the password text component for this which does address the masking problem. But we have an issue that when there is a validation error in the form, these fields are cleared. The requirement is to retain these values so that they do not need to be re-entered. Is there any way to achieve this with a password component? Or any alternative to this?
System:
OutSystems 9.0.0.2 - Java
Thanks.
João Rosado
Staff
Hi Sathya,
For security reasons password inputs don't send the password back from server to the clients.
To do that you can fill in the input an extended property named "value" with what you want to send back to the browser.
A nice trick that we usually use (for example in some ServiceCenter screens) is to store the value in a variable and then instead of sending back the passwords we send a constant value like "********". Then when the new request comes from the client, compare it with the constant. If it's "********", then the user did not change it and you use the one stored in the variable. If it's different then the user changed it and you update the value.
Also on a side topic regarding password fields (because you will hit this problem, if you didn't already):
Some browsers, like Chrome, always do autocomplete on username and passwords when they see an password input on a form. The ONLY definitive way to avoid that is to add 2 fake hidden inputs at the begging of your page to trick him.
So, before your form add an expression with "Escape Content" set to "No" and this value:
"<input style='display:none' type='text' name='fakeusernameremembered'/><input style='display:none' type='password' name='fakepasswordremembered'/>"
Regards,
João Rosado
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
See the full guidelines
Loading...