Created attachment 75191 [details]
screenshot of ispell sugesting me completion of my password

Even worse, ispell want to suggest me completion of my password.

Created attachment 75194 [details]
ispell displaying garbage

As you can see on this screenshot, ispell even do not want me to fill this bugreport ;o)

aehm, what has ispell to do with Firefox or Thunderbird?
What invokes ispell? It's not Firefox/Thunderbird.

ispell is launched through scim. (I do not know what launches scim but it does not matter anyway).

Problem is that passwords are completed and underlined in Firefox and Thunderbird.

Mike, is this a problem caused by mozilla or a scim-only effect?

This is caused by scim, it has not caused by mozilla.

Assigning to me.

You should be able to toggle the activation mode of scim
with "Shift+Space".

I.e. if scim is active, "Shift+Space" should switch if off.  If scim
is inactive, "Shift+Space" should switch it on and the scim-panel
should appear.

On the scim panel, you can see the currently selected input method,
in your case this seems to be M17N-en-ispell.

Instead of M17N-en-ispell you can select an input method which is
more useful for you. Maybe M17N-t-latn-pre or M17N-t-latn-post
are useful for you. With these input methods you can input many
accented Latin characters. See

/usr/share/m17n/latn-pre.mim
/usr/share/m17n/latn-post.mim

for a list of key-combinations.

If you don't want to use scim at all, you can disable it by setting

    INPUT_METHOD="none"

in /etc/sysconfig/language or

    export INPUT_METHOD="none"

in your ~/.profile if you want to disable it for one user only.

By the way, I can reproduce that scim can be activated in password
entry fields in Firefox.

I thought this problem was fixed, see bug #117115 and bug #148327.

Or is firefox different from other GTK2 applications?

Apparently Firefox uses different mechanism to input password. Maybe firefox has its own widget. I think we need fix firefox to disable input method when inputting password, just like what we have done in gtk and qt.

has this been fixed? If so, please close the bug.

No, it has not yet been fixed, I can still reproduce it with the
MozillaFirefox package from STABLE as of today.

This is still not fixed, I can still enable SCIM in password input fields in Firefox from STABLE as of today.

Firefox only uses GTK for basic rendering and is implementing its own toolkit and widgets. I have to research a bit. What's the way to define if a widget should not be usable with scim?

The following bug has patches to fix this problem in GTK2 and QT

https://bugzilla.novell.com/show_bug.cgi?id=117115

Maybe they are useful.

In case of Qt3, the fix was very easy, see comment #23 in bug #117115:

--- src/widgets/qlineedit.cpp.old	2005-09-16 23:15:51.000000000 +0800
+++ src/widgets/qlineedit.cpp	2005-09-16 23:20:23.000000000 +0800
@@ -599,6 +599,7 @@
 	return;
     d->echoMode = mode;
     d->updateTextLayout();
+    setInputMethodEnabled (mode == Normal);
     update();
 }


In case of GTK2 it was more complicated.

I'm leaving Novell. If TPM assistance is needed, please ask Joachim Plack (AMD related issues) or Oliver Ries (general x86_64/i386) for assitance.

After some research I wonder if disabling IM for password fields is the correct way. So you can't easily use those languages as passwords?
It's possible to do that in Firefox but there are concerns why that would be the right way.

Jungshik's account is still alive here so I just added him to the bug for input.

Wolfgang Rosenauer> After some research I wonder if disabling IM for
Wolfgang Rosenauer> password fields is the correct way. So you can't
Wolfgang Rosenauer> easily use those languages as passwords?

Using Japanese in passwords doesn't make any sense at all.

For Japanese, one usually has to input a phonetic transcription first,
this is converted to Kanji (Chinese Characters). As the conversion
usually isn't unique, a popup dialog appears and one has to select
the right conversion. This method would not be very safe
for passwords as somebody watching would see the password.

It doesn't necessarily have to be like that for all languages using
input methods, there are some input methods where the translation from
the input to the result is unique and no popups appear.

But if it is possible to input weird characters with an input method
without popup menus, I don't think it is a good idea to use them
in passwords. This is bound to cause problems.

Even simple characters like the German umlauts (äüößÄÖÜ) will most
likely cause a lot of problems in passwords. Different possible
encodings for such things will already cause problems.

Maybe in a distant future when everybody is using UTF-8 everywhere it
will be easier, but currently I cannot see how non-ASCII in passwords
can work reliably.

Wolfgang Rosenauer> It's possible to do that in Firefox

You know how? I'll set this to NEEDINFO to you.

Wolfgang Rosenauer> but there are concerns why that would be the right way.

Who has such concerns and how do they argue?

Sorry, I don't know how (at the moment). I asked other people if it would be possible.

I discussed it with some long time mozilla developers on IRC including Robert O'Callahan. Nobody agreed that this is wanted though. For final discussion I was "advised" to discuss with Jungshik Shin and Masayuki Nakano. I was hoping that Jungshik would notice this bugmail when I added him.

I'll try to ask Jungshik as well.

And I'll add Tejun Heo <teheo@novell.com> to the CC:.
Tejun, what do you think about CJK in passwords?
That doesn't make any sense at all, does it?

Nope, not at all.  I haven't seen one internet site / os / application / whatsoever which allows non-ascii password.  The other browser on the other os turns off IME on password field too.  So, go ahead and turn it off.

Reassign go bnc-team-gnome@forge.provo.novell.com.

Nothing happening and upstream refused to turn off IME for passwords fields.