I wanted to ask why Rails’ password_field helper uses the input password
as default value when reloading a form because of errors? Isn’t this a
potential security leak? On any other webs I’ve seen so far the password
fields have to be filled in again after every reload of the site so the
password doesn’t exist in plain text in the html code…
What do you think about that?