Exposing masked strings for password fields to accessibility



Hi,

I recently found out that the text displayed in instances of GtkEntry
with 'visibility' set to FALSE (meant to be used for passwords mainly)
is not being exposed at all to Assistive Technologies like Orca, which
are always getting an empty string, due to code snippets like this one
in gtkentryaccessible.c:

 static gchar *
 gtk_entry_accessible_get_text (AtkText *atk_text,
                                gint start_pos,
                                gint end_pos)
 {
    [...]

    /* FIXME: is this acceptable ? */
    if (!gtk_entry_get_visibility (GTK_ENTRY (widget)))
      return g_strdup ("");

    text = gtk_entry_get_text (GTK_ENTRY (widget));
    [...]
 }


This is a problem for Orca because, if a string like "******" is being
displayed on the screen for that input field, that's exactly what Orca
would expect to get when calling functions like get_text() or
get_text_after_offset() through the AT-SPI text interface.

As an example of another toolkit doing something similar, I can say that
Firefox is already exposing <input type="password"> that way, and we're
planning to do the same in WebKitGTK+.

However, I understand some might see the fact of exposing the number of
masked characters as a security issue, so that's why I'm asking for
feedback here now.

For more details about this and a possible patch I'm already proposing,
check bug 681591 I just filed some minutes ago[1].

Thanks,
Mario

[1] https://bugzilla.gnome.org/show_bug.cgi?id=681591
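
The behaviour proposed in the message above, as an added example that is not part of the original post and is not the patch attached to bug 681591: return one mask character per character of the hidden text, so an assistive technology sees what is on screen and learns only the length. The name masked_get_text and its parameters are hypothetical, plain C is used instead of GLib so the block runs stand-alone, and end_pos == -1 meaning "to the end" follows the AtkText convention.

```c
#include <stdlib.h>
#include <string.h>

/* Count Unicode characters in a UTF-8 string (skip 10xxxxxx continuation bytes). */
static long utf8_char_count(const char *s)
{
    long n = 0;
    for (; *s; s++)
        if (((unsigned char)*s & 0xC0) != 0x80)
            n++;
    return n;
}

/* Encode one code point as UTF-8 into out (4 bytes available); returns byte count. */
static size_t utf8_encode(unsigned long cp, char *out)
{
    if (cp < 0x80)    { out[0] = (char)cp; return 1; }
    if (cp < 0x800)   { out[0] = (char)(0xC0 | (cp >> 6));
                        out[1] = (char)(0x80 | (cp & 0x3F)); return 2; }
    if (cp < 0x10000) { out[0] = (char)(0xE0 | (cp >> 12));
                        out[1] = (char)(0x80 | ((cp >> 6) & 0x3F));
                        out[2] = (char)(0x80 | (cp & 0x3F)); return 3; }
    out[0] = (char)(0xF0 | (cp >> 18));
    out[1] = (char)(0x80 | ((cp >> 12) & 0x3F));
    out[2] = (char)(0x80 | ((cp >> 6) & 0x3F));
    out[3] = (char)(0x80 | (cp & 0x3F));
    return 4;
}

/* Hypothetical helper: masked text for character offsets [start_pos, end_pos).
 * Only the character count of secret reaches the output. Caller frees. */
char *masked_get_text(const char *secret, unsigned long mask_char,
                      long start_pos, long end_pos)
{
    char mask[4];
    size_t mlen = utf8_encode(mask_char, mask);
    long len = utf8_char_count(secret);

    /* Clamp the requested range to the text, as offsets come from the AT. */
    if (end_pos < 0 || end_pos > len) end_pos = len;
    if (start_pos < 0) start_pos = 0;
    if (start_pos > end_pos) start_pos = end_pos;

    size_t n = (size_t)(end_pos - start_pos);
    char *out = malloc(n * mlen + 1);
    if (!out) return NULL;
    for (size_t i = 0; i < n; i++)
        memcpy(out + i * mlen, mask, mlen);
    out[n * mlen] = '\0';
    return out;
}
```

Offsets are counted in characters, not bytes, so a multi-byte password and a multi-byte mask character such as U+2022 still produce one mask character per typed character.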


