Summary:
Regardless of the password mode of Entry,
_edje_entry_imf_retrieve_surrounding_cb alwalys passes plain_text
to any callers who register that callback.
This commit replace plain text with '*'
because current behavior could be a security hole in some case.
Reviewers: woohyun, id213sin, jihoon
Reviewed By: jihoon
Subscribers: cedric, jsuya, z-wony, jpeg
Differential Revision: https://phab.enlightenment.org/D4238
if (plain_text)
{
+ if (ecore_imf_context_input_hint_get(ctx) & ECORE_IMF_INPUT_HINT_SENSITIVE_DATA)
+ {
+ char *itr = NULL;
+ for (itr = plain_text; itr && *itr; ++itr)
+ *itr = '*';
+ }
+
*text = strdup(plain_text);
free(plain_text);