Welcome Dialog

Welcome to the Community!

We have a brand new look! Take a tour with us and explore the latest updates on Adobe Support Community.


Lightroom plug-in SDK password_field can be vulnerable on Windows

1 Vote
Community Beginner ,
Feb 18, 2017 Feb 18, 2017

Copy link to clipboard

Copied

I recently wrote a new plug-in for Lightroom and in doing so initially created a password_field that is taller than one line (height_in_lines = 3 in my case).

On a Mac, that password_field behaves just as it should: the content is obscured by round dots, and it cannot be copied into the clipboard.

On a Windows, though, to my horror a password_field with height_in_lines > 1 turns the field into a regular multi-line edit_field: the content is visible in plain sight, and it can be copied into the clipboard. This is a serious security flaw.

Granted, most password_field boxes are only one line high so perhaps this is an innocent oops, but I was certainly surprised to discover the difference between Mac and Windows.

Another minor nit is that the password_field on Mac can have a placeholder_string, but on Windows that placeholder_string is obscured as hashes. Duh!
Bug Acknowledged
TOPICS
Desktop

Views

4

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
no replies

Have something to add?

Join the conversation