Opened 10 years ago

Last modified 10 years ago

#24202 closed New feature

Implement a SensitiveTextInput widget for sensitive input fields — at Version 1

Reported by: Håkan W Owned by: nobody
Component: Forms Version: 1.7
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by Håkan W)

If you're implementing Stripe, Adyen, or other big payment solutions today, then you can use client side encryption, where form fields are used for inputting e.g. credit card number (etc), but that will be encrypted before the form is submitted to the server. These fields should not be sent raw to the server, so you usually remove the name attribute on the input fields.

It would be really great if django had a SensitiveTextInput widget for purposes like this. This idea is from here: http://stackoverflow.com/questions/18116917/change-form-input-attribute-name-to-data-encrypted-name

Here's a suggested class:

# a text input widget with no name attribute
class SensitiveTextInput(forms.TextInput):
    def build_attrs(self, extra_attrs=None, **kwargs):
        attrs = super(SensitiveTextInput, self).build_attrs(extra_attrs, **kwargs)
        if 'name' in attrs:
            del attrs['name']
        return attrs

Change History (1)

comment:1 by Håkan W, 10 years ago

Component: UncategorizedForms
Description: modified (diff)
Type: UncategorizedNew feature
Note: See TracTickets for help on using tickets.
Back to Top