WebUI: try harder to prevent browsers from auto-filling in password fields
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
parent
676286182a
commit
965d059400
13 changed files with 30 additions and 30 deletions
2
go.mod
2
go.mod
|
|
@ -80,7 +80,7 @@ require (
|
|||
cloud.google.com/go v0.105.0 // indirect
|
||||
cloud.google.com/go/compute v1.12.1 // indirect
|
||||
cloud.google.com/go/compute/metadata v0.2.1 // indirect
|
||||
cloud.google.com/go/iam v0.6.0 // indirect
|
||||
cloud.google.com/go/iam v0.7.0 // indirect
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.1 // indirect
|
||||
github.com/ajg/form v1.5.1 // indirect
|
||||
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.9 // indirect
|
||||
|
|
|
|||
4
go.sum
4
go.sum
|
|
@ -60,8 +60,8 @@ cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqCl
|
|||
cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY=
|
||||
cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c=
|
||||
cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY=
|
||||
cloud.google.com/go/iam v0.6.0 h1:nsqQC88kT5Iwlm4MeNGTpfMWddp6NB/UOLFTH6m1QfQ=
|
||||
cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc=
|
||||
cloud.google.com/go/iam v0.7.0 h1:k4MuwOsS7zGJJ+QfZ5vBK8SgHBAvYN/23BWsiihJ1vs=
|
||||
cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg=
|
||||
cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA=
|
||||
cloud.google.com/go/kms v1.5.0 h1:uc58n3b/n/F2yDMJzHMbXORkJSh3fzO4/+jju6eR7Zg=
|
||||
cloud.google.com/go/longrunning v0.1.1 h1:y50CXG4j0+qvEukslYFBCrzaXX0qpFbBzc3PchSu/LE=
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control form-control-user-custom"
|
||||
id="inputPassword" name="password" placeholder="New Password" required>
|
||||
id="inputPassword" name="password" placeholder="New Password" autocomplete="new-password" required>
|
||||
</div>
|
||||
<input type="hidden" name="_form_token" value="{{.CSRFToken}}">
|
||||
<button type="submit" class="btn btn-primary btn-user-custom btn-block">
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row">
|
||||
<label for="idPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idPassword" name="password" placeholder=""
|
||||
<input type="password" class="form-control" id="idPassword" name="password" placeholder="" autocomplete="new-password"
|
||||
{{if not .IsAdd}}aria-describedby="pwdHelpBlock" {{end}}>
|
||||
{{if not .IsAdd}}
|
||||
<small id="pwdHelpBlock" class="form-text text-muted">
|
||||
|
|
|
|||
|
|
@ -73,11 +73,11 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control form-control-user-custom" id="inputPassword"
|
||||
name="password" placeholder="Password" required>
|
||||
name="password" placeholder="Password" autocomplete="new-password" required>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control form-control-user-custom" id="inputConfirmPassword"
|
||||
name="confirm_password" placeholder="Repeat password" required>
|
||||
name="confirm_password" placeholder="Repeat password" autocomplete="new-password" required>
|
||||
</div>
|
||||
<input type="hidden" name="_form_token" value="{{.CSRFToken}}">
|
||||
<button type="submit" class="btn btn-primary btn-user-custom btn-block">
|
||||
|
|
|
|||
|
|
@ -33,21 +33,21 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row">
|
||||
<label for="idCurrentPassword" class="col-sm-2 col-form-label">Current password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idCurrentPassword" name="current_password" required>
|
||||
<input type="password" class="form-control" id="idCurrentPassword" name="current_password" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label for="idNewPassword1" class="col-sm-2 col-form-label">New password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idNewPassword1" name="new_password1" required>
|
||||
<input type="password" class="form-control" id="idNewPassword1" name="new_password1" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label for="idNewPassword2" class="col-sm-2 col-form-label">Confirm password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idNewPassword2" name="new_password2" required>
|
||||
<input type="password" class="form-control" id="idNewPassword2" name="new_password2" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="col-sm-2"></div>
|
||||
<label for="idHTTPPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-3">
|
||||
<input type="password" class="form-control" id="idHTTPPassword" name="http_password" placeholder=""
|
||||
<input type="password" class="form-control" id="idHTTPPassword" name="http_password" placeholder="" autocomplete="new-password"
|
||||
value="{{if .Action.Options.HTTPConfig.Password.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.Action.Options.HTTPConfig.Password.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="col-sm-2"></div>
|
||||
<label for="idS3AccessSecret" class="col-sm-2 col-form-label">Access Secret</label>
|
||||
<div class="col-sm-3">
|
||||
<input type="password" class="form-control" id="idS3AccessSecret" name="s3_access_secret" placeholder=""
|
||||
<input type="password" class="form-control" id="idS3AccessSecret" name="s3_access_secret" placeholder="" autocomplete="new-password"
|
||||
value="{{if .S3Config.AccessSecret.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.S3Config.AccessSecret.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -285,7 +285,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row fsconfig fsconfig-azblobfs">
|
||||
<label for="idAzAccountKey" class="col-sm-2 col-form-label">Account Key</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idAzAccountKey" name="az_account_key" placeholder=""
|
||||
<input type="password" class="form-control" id="idAzAccountKey" name="az_account_key" placeholder="" autocomplete="new-password"
|
||||
value="{{if .AzBlobConfig.AccountKey.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.AzBlobConfig.AccountKey.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -294,7 +294,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<label for="idAzSASURL" class="col-sm-2 col-form-label">SAS URL</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idAzSASURL" name="az_sas_url" placeholder="" aria-describedby="AzSASURLHelpBlock"
|
||||
value="{{if .AzBlobConfig.SASURL.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.AzBlobConfig.SASURL.GetPayload}}{{end}}">
|
||||
autocomplete="new-password" value="{{if .AzBlobConfig.SASURL.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.AzBlobConfig.SASURL.GetPayload}}{{end}}">
|
||||
<small id="AzSASURLHelpBlock" class="form-text text-muted">
|
||||
Shared Access Signature URL can be used instead of account name/key
|
||||
</small>
|
||||
|
|
@ -389,7 +389,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<label for="idCryptPassphrase" class="col-sm-2 col-form-label">Passphrase</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idCryptPassphrase" name="crypt_passphrase"
|
||||
placeholder="" aria-describedby="CryptPassphraseHelpBlock"
|
||||
placeholder="" autocomplete="new-password" aria-describedby="CryptPassphraseHelpBlock"
|
||||
value="{{if .CryptConfig.Passphrase.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.CryptConfig.Passphrase.GetPayload}}{{end}}">
|
||||
<small id="CryptPassphraseHelpBlock" class="form-text text-muted">
|
||||
Passphrase to derive the per-object encryption key
|
||||
|
|
@ -426,7 +426,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="col-sm-2"></div>
|
||||
<label for="idSFTPPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-3">
|
||||
<input type="password" class="form-control" id="idSFTPPassword" name="sftp_password" placeholder=""
|
||||
<input type="password" class="form-control" id="idSFTPPassword" name="sftp_password" placeholder="" autocomplete="new-password"
|
||||
value="{{if .SFTPConfig.Password.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.SFTPConfig.Password.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -442,7 +442,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row fsconfig fsconfig-sftpfs">
|
||||
<label for="idSFTPPassphrase" class="col-sm-2 col-form-label">Key Passphrase</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idSFTPPassphrase" name="sftp_key_passphrase" placeholder=""
|
||||
<input type="password" class="form-control" id="idSFTPPassphrase" name="sftp_key_passphrase" autocomplete="new-password" placeholder=""
|
||||
value="{{if .SFTPConfig.KeyPassphrase.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.SFTPConfig.KeyPassphrase.GetPayload}}{{end}}"
|
||||
aria-describedby="SFTPPassphraseHelpBlock">
|
||||
<small id="SFTPPassphraseHelpBlock" class="form-text text-muted">
|
||||
|
|
@ -509,7 +509,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="col-sm-2"></div>
|
||||
<label for="idHTTPPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-3">
|
||||
<input type="password" class="form-control" id="idHTTPPassword" name="http_password" placeholder=""
|
||||
<input type="password" class="form-control" id="idHTTPPassword" name="http_password" autocomplete="new-password" placeholder=""
|
||||
value="{{if .HTTPConfig.Password.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.HTTPConfig.Password.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -517,7 +517,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row fsconfig fsconfig-httpfs">
|
||||
<label for="idHTTPAPIKey" class="col-sm-2 col-form-label">API Key</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idHTTPAPIKey" name="http_api_key" placeholder=""
|
||||
<input type="password" class="form-control" id="idHTTPAPIKey" name="http_api_key" autocomplete="new-password" placeholder=""
|
||||
value="{{if .HTTPConfig.APIKey.IsEncrypted}}{{.RedactedSecret}}{{else}}{{.HTTPConfig.APIKey.GetPayload}}{{end}}">
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="card-body text-form-error">{{.Error}}</div>
|
||||
</div>
|
||||
{{end}}
|
||||
<form id="login_form" action="{{.CurrentURL}}" method="POST" autocomplete="off"
|
||||
<form id="login_form" action="{{.CurrentURL}}" method="POST"
|
||||
class="user-custom">
|
||||
{{if not .FormDisabled}}
|
||||
<div class="form-group">
|
||||
|
|
@ -35,7 +35,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control form-control-user-custom"
|
||||
id="inputPassword" name="password" placeholder="Password" required>
|
||||
id="inputPassword" name="password" placeholder="Password" autocomplete="current-password" required>
|
||||
{{if .ForgotPwdURL}}
|
||||
<div class="text-right">
|
||||
<a class="small" href="{{.ForgotPwdURL}}">Forgot password?</a>
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<input type="text" class="form-control" id="idTplUsername0" name="tpl_username" placeholder="Username" maxlength="255">
|
||||
</div>
|
||||
<div class="form-group col-md-3">
|
||||
<input type="password" class="form-control" id="idTplPassword0" name="tpl_password" placeholder="Password" maxlength="255">
|
||||
<input type="password" class="form-control" id="idTplPassword0" name="tpl_password" placeholder="Password" autocomplete="new-password">
|
||||
</div>
|
||||
<div class="form-group col-md-5">
|
||||
<textarea class="form-control" id="idTplPublicKey0" name="tpl_public_keys" rows="5"
|
||||
|
|
@ -108,7 +108,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row">
|
||||
<label for="idPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idPassword" name="password" value="{{.User.Password}}" placeholder="">
|
||||
<input type="password" class="form-control" id="idPassword" name="password" value="{{.User.Password}}" placeholder="" autocomplete="new-password">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
@ -1120,7 +1120,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<input type="text" class="form-control" id="idTplUsername${index}" name="tpl_username" placeholder="Username" maxlength="255">
|
||||
</div>
|
||||
<div class="form-group col-md-3">
|
||||
<input type="password" class="form-control" id="idTplPassword${index}" name="tpl_password" placeholder="Password" maxlength="255">
|
||||
<input type="password" class="form-control" id="idTplPassword${index}" name="tpl_password" placeholder="Password" autocomplete="new-password">
|
||||
</div>
|
||||
<div class="form-group col-md-5">
|
||||
<textarea class="form-control" id="idTplPublicKey${index}" name="tpl_public_keys" rows="5"
|
||||
|
|
|
|||
|
|
@ -33,21 +33,21 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row">
|
||||
<label for="idCurrentPassword" class="col-sm-2 col-form-label">Current password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idCurrentPassword" name="current_password" required>
|
||||
<input type="password" class="form-control" id="idCurrentPassword" name="current_password" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label for="idNewPassword1" class="col-sm-2 col-form-label">New password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idNewPassword1" name="new_password1" required>
|
||||
<input type="password" class="form-control" id="idNewPassword1" name="new_password1" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label for="idNewPassword2" class="col-sm-2 col-form-label">Confirm password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idNewPassword2" name="new_password2" required>
|
||||
<input type="password" class="form-control" id="idNewPassword2" name="new_password2" autocomplete="new-password" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="card-body text-form-error">{{.Error}}</div>
|
||||
</div>
|
||||
{{end}}
|
||||
<form id="login_form" action="{{.CurrentURL}}" method="POST" autocomplete="off"
|
||||
<form id="login_form" action="{{.CurrentURL}}" method="POST"
|
||||
class="user-custom">
|
||||
{{if not .FormDisabled}}
|
||||
<div class="form-group">
|
||||
|
|
@ -32,7 +32,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
</div>
|
||||
<div class="form-group">
|
||||
<input type="password" class="form-control form-control-user-custom"
|
||||
id="inputPassword" name="password" placeholder="Password" required>
|
||||
id="inputPassword" name="password" placeholder="Password" autocomplete="current-password" required>
|
||||
{{if .ForgotPwdURL}}
|
||||
<div class="text-right">
|
||||
<a class="small" href="{{.ForgotPwdURL}}">Forgot password?</a>
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@ along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|||
<div class="form-group row">
|
||||
<label for="idPassword" class="col-sm-2 col-form-label">Password</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="password" class="form-control" id="idPassword" name="password" placeholder=""
|
||||
<input type="password" class="form-control" id="idPassword" name="password" autocomplete="new-password" placeholder=""
|
||||
value="{{.Share.Password}}" aria-describedby="passwordHelpBlock">
|
||||
<small id="passwordHelpBlock" class="form-text text-muted">
|
||||
If set the share will be password-protected
|
||||
|
|
|
|||
Loading…
Reference in a new issue