Forum: Ruby on Rails Stop browser from "form filling" fields.

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Diego (Guest)
on 2007-02-28 01:49
(Received via mailing list)
Hi all,

I have a user login form which the browser keeps populating because of
its form fill feature. So when anyone goes to log in it shows the
previous login's username and password. How can I stop the browser
from populating a text field?

Thanks in advance.

Rob B. (Guest)
on 2007-02-28 03:56
(Received via mailing list)
On Feb 27, 2007, at 6:48 PM, Diego wrote:

> Cheers,
> Diego

Try adding
to the input.  In Rails' ruby, this would be
  :autocomplete => :off


Rob B.
Diego (Guest)
on 2007-02-28 04:05
(Received via mailing list)
Thank you Rob!

On Feb 28, 12:50 pm, Rob B. <removed_email_address@domain.invalid>
Russell N. (Guest)
on 2007-02-28 15:03
(Received via mailing list)
Unfortunately, the autocomplete attribute is IE only and doesn't belong
any (X)HTML standard. Therefore browsers like Opera and Firefox may or
not support it. Firefox, for the record, does not.

Russell N. (Guest)
on 2007-02-28 15:09
(Received via mailing list)
I spoke incorrectly. Sorta. I'll stand by the fact that autocomplete is
invalid HTML attribute but apparently Firefox _does_ support it.
However, it
needs to be on the form and not the input. Not that I'm endorsing using
invalid HTML. Ick. I'm still searching for a valid HTML solution but
to correct my error.

Chris H. (Guest)
on 2007-02-28 15:37
(Received via mailing list)
in firefox you have to go into the preferences and turn the feature
off under the privacy tab.
Mark T. (Guest)
on 2007-02-28 16:11
(Received via mailing list)
> I have a user login form which the browser keeps populating because of
> its form fill feature. So when anyone goes to log in it shows the
> previous login's username and password. How can I stop the browser
> from populating a text field?

You do know you can turn this feature off in the browser, correct?
Just checking.
Rob B. (Guest)
on 2007-02-28 16:30
(Received via mailing list)
At least on Mac, Firefox and Safari 2.0.4 both support this
on the <input> element.  I haven't check recently, but I think I
first found this with respect to IE (6.0?) on Windows about a year ago.

Perhaps you need to think about the reason you want "valid" (X)HTML.

I don't think that you'll find a de jure standard, but this de facto
one works for me.


Rob B.
alexey.Creopolis (Guest)
on 2007-03-01 15:18
(Received via mailing list)
autocomplete = "off" is works well for ie, firefox 2(with enabled

the "problem" of xhtml compliance ?
forget about this incompartibility, in this case this is only the way.
Thorsten (Guest)
on 2007-03-01 15:42
(Received via mailing list)
I don't think this should be done anyways, in the End it's a Browser
side feature about which the User should decide weither to use it or
If the user wants to stor his username & password fields, let him do
If not, he will disable it (and it's disabled by default // most
browsers ask weither to act that way or not)
Russell N. (Guest)
on 2007-03-01 15:45
(Received via mailing list)
I gotta agree with Thorsten. Not only are you taking away a user's
[as opposed to giving him more] but there's the [and I can't stress this
enough] invalid markup issue. That's two reasons not to use this
feature. ;)

unknown (Guest)
on 2007-03-02 16:46
(Received via mailing list)
I agree with Russel about taking away the users' choices, but for the
record, here's a (untested) solution using javascript:

function blankFields()
document.myform.username.value = "";
document.myform.password.value = "";

Then you use <body onload="blankfields();">.

Thomas F. (Guest)
on 2007-03-03 02:02
(Received via mailing list)
if you're worried about XHTML validation failing, you can do dirty
tricks like:


(tested this only in FF, YMMV).


Am 02.03.2007 um 15:44 schrieb removed_email_address@domain.invalid:
Russell N. (Guest)
on 2007-03-03 16:00
(Received via mailing list)
While this works... It's kinda the equivalent of changing your answers
on a
test after the teacher's already graded it. Either ignore the restraints
validation or follow them but this is just pretending. [God, I hope that
doesn't sound super-snotty.] I agree with Rob in his [way] previous
to me about questioning your rationale for following standards but I do
always aim for valid markup. It just seems weird not to. To me. YMMV.

Thomas F. (Guest)
on 2007-03-03 17:41
(Received via mailing list)
If validation is used as a tool for making sure the page structure
itself is sound (as opposed to following the standards for their own
sake), it can help-- some things you want to have just aren't covered
by the standards, or don't work because browsers don't implement them

So a mixture of having pages validate (and tools aware of XHTML
working nicely) and "injecting" workarounds for both of the
aforementioned issues is working out fine. For me. :)

The "autocomplete" attribuet is probably a bad example anyway, as
normally you always want this the way the user decides, except for
certain cases (for example if you implement server-side
autocompleting, and browsers interfere).

Alas, I don't think there's one single unified answer for how to deal
with this, it really depends on the circumstances, your "style" of
coding, etc.


Am 03.03.2007 um 15:00 schrieb Russell N.:
This topic is locked and can not be replied to.