Here is the text of the NIST sp800-63b Digital Identity Guidelines.

  • Daemon Silverstein
    link
    fedilink
    English
    13 months ago

    Sometimes it’s not “readonly”, but a Javascript thing that “event.preventDefault()” and “return false” during the “onpaste” event. As the event is generally set using elm.addEventListener instead of setting elm.onpaste, it’s not possible to remove the listener, as it’d need the reference for the handler function that was set to handle the mentioned JS event. So simply setting the value directly using elm.value bypasses the onpaste event.

    • @[email protected]
      link
      fedilink
      English
      23 months ago

      That’s fair, not sure why they’d go through that much effort when DOM attributes exist.