This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 10923 - Add an attribute to override UA's validation message
Summary: Add an attribute to override UA's validation message
Status: RESOLVED WONTFIX
Alias: None
Product: HTML WG
Classification: Unclassified
Component: pre-LC1 HTML5 spec (editor: Ian Hickson) (show other bugs)
Version: unspecified
Hardware: All All
: P2 normal
Target Milestone: ---
Assignee: Ian 'Hixie' Hickson
QA Contact: HTML WG Bugzilla archive list
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-09-30 23:25 UTC by Mounir Lamouri
Modified: 2010-10-12 16:03 UTC (History)
9 users (show)

See Also:


Attachments

Description Mounir Lamouri 2010-09-30 23:25:14 UTC
.validationMessage currently returns a message depending of the error. We can already assume that some websites will want to override this message. We actually got some inputs in WhatWG mailing list in that sens [1].

It would probably be better to introduce an attribute letting the author overriding the validation message instead of having them doing it the wrong way (ie. with setCustomValidity()) or even not using form constraint validation provided by the UA because of that.

The description would be:
"If an element is invalid and not barred from constraint validation and has a errormessage attribute set different from the empty string then .validationMessage should return the errormessage value instead of the regular error message."

The use cases are simple:
- a field has a specific meaning in the website but the UA can't know that so will show a generic message. For example, a username field.
- a field has more than one restriction and the UA will show an error depending on the current validations errors. For example: <input type='email' required maxlength='20' pattern=".*@company.com">. The UA will show some errors like "Please, fill out this field" or "Please enter an email address" or "Please follow the specified pattern" but the author might want to have an unique error message : "Please enter your <COMPANY> email address".

[1] http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-September/028622.html
Comment 1 Anne 2010-10-01 10:55:44 UTC
If some of the messages are localized and some are in language of the site that would be confusing.
Comment 2 Mounir Lamouri 2010-10-01 18:22:52 UTC
(In reply to comment #1)
> If some of the messages are localized and some are in language of the site that
> would be confusing.

Specifications should recommend authors to override all error messages when they override one.
Though, this problem would happens as soon as a page is using .setCustomValidity() which might happen quite often for the password check use case (checking that both fields have the same value).
Comment 3 Jonas Sicking (Not reading bugmail) 2010-10-01 18:53:44 UTC
The mismatched language issue also happens if your browser-ui uses one language and you browse to a page which uses another language. In this case the page will be in one language and the error messages will be in another. I would even argue that this is likely to be a more common mismatch.

This suggested feature actually helps with that as the page author can be expected to use the same language in this attribute as on the rest of the page.
Comment 4 Anne 2010-10-01 19:58:43 UTC
If we actually want that behavior should not we try to use localized strings based on the language of the page rather than based on the language of the browser?

And just as a sanity check, there is no use case for different error messages depending on what constraint was violated?

(Good point about localization being an issue for setCustomValidity() too. Forgot about that.)
Comment 5 Mounir Lamouri 2010-10-01 23:03:21 UTC
(In reply to comment #4)
> If we actually want that behavior should not we try to use localized strings
> based on the language of the page rather than based on the language of the
> browser?

That would mean that browsers should provide localized strings in each languages they know? IOW, if a build is currently "One-language only", at least these string will have to be available in all languages. Seams weird to me.

> And just as a sanity check, there is no use case for different error messages
> depending on what constraint was violated?

Exactly. The idea is to prevent making things too complex (like having dozens of attributes). The author should be able to describe the requirement in one message.
Comment 6 Jonas Sicking (Not reading bugmail) 2010-10-01 23:06:54 UTC
(In reply to comment #4)
> If we actually want that behavior should not we try to use localized strings
> based on the language of the page rather than based on the language of the
> browser?

I suspect this is already allowed by spec and is basically a quality-of-implementation issue. However at least in firefox we only ship with one set of localized strings as things stand now.

I suspect this is something we'll look into in the future.

> And just as a sanity check, there is no use case for different error messages
> depending on what constraint was violated?

I would say there is. That was one of the issues I originally raised in the thread pointed to in comment 0.

However I think it's ok to start simple here and expand as we see need. One problem is that there isn't really a specified set of possible error messages. For example a browser could have different error messages for an invalid email address with a pattern, a invalid email address without pattern and an invalid email address that has required set.

In any case, with a bit of js-code this can be handled. In the event handler you can inspect the .value as well as the various properties properties on .validity and using that information set the new attribute to whatever you want.
Comment 7 Ian 'Hixie' Hickson 2010-10-05 21:50:05 UTC
I don't understand. The described use cases are exactly what setCustomValidity() is for. What is the problem with setCustomValidity()?
Comment 8 Jonas Sicking (Not reading bugmail) 2010-10-05 23:47:49 UTC
The problem is that setCustomValidity() makes the control invalid. For example it now matches :invalid.

The current problem is that the error message that the browser can come up with are fairly generic. For example for

<input type=email required name=username>

we can only provide vague wording saying that you must enter a valid email address. However the page generally knows exactly why a certain field is needed and can give a much better error message. For example:

<input type=email required name=username customerrormessage="Please enter your username. The username must be an email address where we can reach you.">


If you want to accomplish the same thing with setCustomValidity(), you'll have to do something like:


<input type=email required name=username oninvalid="setCustomValidity('Please enter your username. The username must be an email address where we can reach you.');" oninput="setCustomValidity('');">

But even here the browser might change the displayed error message as soon as the user start typing, if it is displaying UI at that time.
Comment 9 Ian 'Hixie' Hickson 2010-10-12 08:09:46 UTC
Well what would you do for, e.g., <input type=number> where there might be multiple different errors? (too low, too high, not on step, missing, etc)? Or <input type=text pattern required>, where it might be required or might not match the pattern?

We'd need one attribute per possible UA message, and we don't know how many UA messages there might be (e.g. the UA might also have different messages for combinations of errors, like a date field that is both too low and not on step).

The whole point of this feature is that the UA can do an excellent job of this, whereas the authors of most pages really just want to mark the control as required and not have to worry about it.

What I meant with respect to setCustomValidity() is that if you think you can do a better job than the UA, then you would do all the checks oninput:

   <input type=text pattern="..." oninput="check(this)">

   function check(control) {
      if (it's a text control) {
         if (it's required but the value is missing) {
            control.setCustomValidity('yo bro you need a value here man');
         } else if (it's got a pattern and the pattern doesn't match) {
            control.setCustomValidity('you need to make sure to write things correctly dude');
         } else {
            control.setCustomValidity('');
         }
      } else {
         ...
      }
   }

...and so on.


EDITOR'S RESPONSE: This is an Editor's Response to your comment. If you are satisfied with this response, please change the state of this bug to CLOSED. If you have additional information and would like the editor to reconsider, please reopen this bug. If you would like to escalate the issue to the full HTML Working Group, please add the TrackerRequest keyword to this bug, and suggest title and text for the tracker issue; or you may create a tracker issue yourself, if you are able to do so. For more details, see this document:
   http://dev.w3.org/html5/decision-policy/decision-policy.html

Status: Rejected
Change Description: no spec change
Rationale: Requested feature seems redundant with existing features.
Comment 10 Jonas Sicking (Not reading bugmail) 2010-10-12 16:03:48 UTC
> The whole point of this feature is that the UA can do an excellent job of
> this, whereas the authors of most pages really just want to mark the control
> as required and not have to worry about it.

This does not match our implementation experience. I agree that of course any author would love it if the UA came up with a great error message for every situation. But as a UA we're forced to use very generic messages that can't be specific to the given control. For example we're forced to say "the number is too low" rather than "surely you don't have a negative age".

For now I suspect we'll implement the attribute and let authors experiment with it. In case people like it we'll reopen this bug (or file a new one against the next iteration of the spec)