act-rules/act-rules.github.io

Should `<input type="password">` be considered as form field?

Jym77 opened this issue · 2 comments

Jym77 commented

As per HTML AAM, <input type="password"> elements have no role.

This means that they are not considered by most of our "form fields" rules, among other Form field has non-empty accessible name, therefore we do not flag <input type="password"> as missing an accessible name, while it seems that it should.

I do remember us already doing some tricks around <input type="password"> in #1612
It looks like we should update a few more rules for that.

dd8 commented

The lack of a role mapping for input type=password is due to security concerns: w3c/aria#935

Some other input types also have no ARIA role mapping, but map to various platform-specfic API roles (IA2_ROLE_DATE_EDITOR / AXTimeField / ROLE_SYSTEM_SPINBUTTON)

  • input type=color
  • input type=date
  • input type=datetime-local
  • input type=file
  • input type=month
  • input type=time
  • input type=week
  • 👍1
dd8 commented

One way of doing this is looking at the platform-specific roles for controls with no ARIA role mapping. For input type=password this maps to:

So you could use wording like the following:

This rule applies to any element that is included in the accessibility tree, and that has:

  • one of the following semantic roles: checkbox, combobox (select elements), listbox, menuitemcheckbox, menuitemradio, radio, searchbox, slider, spinbutton, switch, textbox.
  • or, has no semantic role but maps to any one of the following platform roles: ROLE_SYSTEM_TEXT, ATK_ROLE_PASSWORD_TEXT, AXSecureTextField in HTML AAM

The second item only applies for elements with no explicit role and marked as 'No corresponding role' in HTML AAM but have platform specific mappings. This looks like it can be extended to other input types like input type=time as well.