fix: bug 17965

[grvgoel81]

Description

BugFix: #17965 (Typing in the input field after it was unfocused and focused leads to the entire password getting deleted and replaced)
Jira: https://consensyssoftware.atlassian.net/browse/SL-282

Changelog

CHANGELOG entry: BugFix: #17965

Related issues

Fixes:

• [Bug]: Typing in the input field after it was unfocused and focused leads to the entire password getting deleted and replaced #17965

Manual testing steps

Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]

Screenshots/Recordings

Before

After

Screen.Recording.2025-11-11.at.6.51.29.PM.mov

Pre-merge author checklist

• I’ve followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I’ve included tests if applicable
• I’ve documented my code using JSDoc format if applicable
• I’ve applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Harden password and confirm input handling to avoid full deletion/incorrect replacement on refocus, clear confirm when password is cleared, and disable select-on-focus.

• Onboarding > ChoosePassword:
  • Input handling:
    • Track focus-time values and flags to prevent password/confirmPassword from being wiped when refocusing secure fields and to correctly append characters after accidental clears.
    • Reset confirmPassword when password becomes empty (in componentDidUpdate and on blur).
  • UI tweaks:
    • Add onFocus/onBlur to both TextFields; set selectTextOnFocus={false} for each.
  • Tests:
    • Update snapshots to reflect new selectTextOnFocus={false} prop.

^{Written by Cursor Bugbot for commit c4783c6. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[cursor]

Bug: iOS Password Field: Unclearable

The workaround for the iOS secure text entry bug prevents users from intentionally clearing the password field. When a user focuses the field and manually selects all text and deletes it, the condition prevState.password === this.passwordAtFocusTime is true, causing the workaround to incorrectly preserve the old password instead of allowing the deletion. The logic cannot distinguish between iOS sending a spurious empty string and the user intentionally clearing the field.

 

[cursor]

Bug: Visibility Toggle Erases Secure Passwords

When the iOS secure text entry workaround is active (expectingCharAfterClear is true) and the user toggles password visibility before the next character arrives, the original password is lost. The second condition checks isSecureTextEntry, so after toggling visibility it falls through to the default case which sets password to just the new value, discarding passwordAtFocusTime. The same issue exists in setConfirmPassword for the confirm password field.

 

[codecov-commenter]

Codecov Report

❌ Patch coverage is 93.22034% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.90%. Comparing base (440bb05) to head (3b98549).
⚠️ Report is 15 commits behind head on main.

Files with missing lines	Patch %	Lines
app/components/Views/ChoosePassword/index.js	93.22%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #22479      +/-   ##
==========================================
- Coverage   77.91%   77.90%   -0.02%     
==========================================
  Files        3836     3836              
  Lines       98091    98221     +130     
  Branches    19259    19282      +23     
==========================================
+ Hits        76430    76521      +91     
- Misses      16413    16469      +56     
+ Partials     5248     5231      -17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
2 New issues
0 Accepted issues

Measures
0 Security Hotspots
96.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud