SC 338 -- Copy and paste disabled (new in WCAG 2.2)

[damiansian]

URL

https://demo.fileyourstatetaxes.org/en/questions/tax-refund

Issue

You have fields that prevent users from copying and pasting. This creates a matter of non-conformance with WCAG 2.2 which is the latest version of the standard, but beyond your legally mandated scope. So, addressing the issue is at your discretion.

Screen shot

WCAG

SC 3.3.8: Accessible Authentication (Minimum) (Level AA)

User impact

Copy and paste can be relied on to avoid transcription. Users can copy their login credentials from a local source (such as a standalone third-party password manager) and paste it into the username and password fields on a login form, or into a web-based command line interfaces asking for a password. Blocking people from pasting into authentication fields, or using a different format between the copied text and the input field (for example, "Enter the 3rd, 4th, and 6th character of your password"), would force the user to transcribe information and therefore fail this criterion, unless another method is available.

Suggested fix:

Remove the scripting that is blocking paste action here. It's okay to leave the copy blocking on. This assumes a user can have the field populated from their password vault for example.

Current

<input 
    autocomplete="off" 
    autocorrect="off" 
    autocapitalize="off" 
    spellcheck="false" 
    type="text" 
    class="form-width--long disablepaste disablecopy text-input" 
    aria-describedby="state_file_tax_refund_form_routing_number_confirmation__errors"   
    id="s1n"     
    name="state_file_tax_refund_form[routing_number_confirmation]">