From: RainerW Date: Thu, 8 Oct 2015 10:32:35 +0000 (+0200) Subject: #932 do not trim passwords anywhere in the ui X-Git-Tag: v1.7.0~1^2~10^2 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=refs%2Fpull%2F940%2Fhead;p=gitblit.git #932 do not trim passwords anywhere in the ui --- diff --git a/src/main/java/com/gitblit/wicket/NonTrimmedPasswordTextField.java b/src/main/java/com/gitblit/wicket/NonTrimmedPasswordTextField.java new file mode 100644 index 00000000..1bf34e43 --- /dev/null +++ b/src/main/java/com/gitblit/wicket/NonTrimmedPasswordTextField.java @@ -0,0 +1,46 @@ +/* + * Copyright 2013 gitblit.com. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gitblit.wicket; + +import org.apache.wicket.markup.html.form.PasswordTextField; +import org.apache.wicket.model.IModel; + +/** + * PasswordText field which will not trim spaces from the input field. This + * ensures the password trimming behaviour is everywhere (ui/ssh/git) the same + * (#932). + */ +public class NonTrimmedPasswordTextField extends PasswordTextField +{ + private static final long serialVersionUID = 1L; + + public NonTrimmedPasswordTextField(final String id) + { + super(id); + } + + public NonTrimmedPasswordTextField(final String id, final IModel model) + { + super(id, model); + } + + @Override + protected boolean shouldTrimInput() + { + return false; + } + +} diff --git a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java index a6aca22d..259a4bf4 100644 --- a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java +++ b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java @@ -19,7 +19,6 @@ import java.text.MessageFormat; import org.apache.wicket.RestartResponseException; import org.apache.wicket.markup.html.form.Button; -import org.apache.wicket.markup.html.form.PasswordTextField; import org.apache.wicket.markup.html.form.StatelessForm; import org.apache.wicket.model.IModel; import org.apache.wicket.model.Model; @@ -31,6 +30,7 @@ import com.gitblit.Keys; import com.gitblit.models.UserModel; import com.gitblit.utils.StringUtils; import com.gitblit.wicket.GitBlitWebSession; +import com.gitblit.wicket.NonTrimmedPasswordTextField; public class ChangePasswordPage extends RootSubPage { @@ -114,10 +114,10 @@ public class ChangePasswordPage extends RootSubPage { setResponsePage(RepositoriesPage.class); } }; - PasswordTextField passwordField = new PasswordTextField("password", password); + NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password", password); passwordField.setResetPassword(false); form.add(passwordField); - PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword", + NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword", confirmPassword); confirmPasswordField.setResetPassword(false); form.add(confirmPasswordField); diff --git a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java index c6b5c3c7..220bee3f 100644 --- a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java +++ b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java @@ -27,7 +27,6 @@ import org.apache.wicket.extensions.markup.html.form.palette.Palette; import org.apache.wicket.markup.html.form.Button; import org.apache.wicket.markup.html.form.CheckBox; import org.apache.wicket.markup.html.form.Form; -import org.apache.wicket.markup.html.form.PasswordTextField; import org.apache.wicket.markup.html.form.TextField; import org.apache.wicket.model.CompoundPropertyModel; import org.apache.wicket.model.Model; @@ -42,6 +41,7 @@ import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.TeamModel; import com.gitblit.models.UserModel; import com.gitblit.utils.StringUtils; +import com.gitblit.wicket.NonTrimmedPasswordTextField; import com.gitblit.wicket.RequiresAdminRole; import com.gitblit.wicket.StringChoiceRenderer; import com.gitblit.wicket.WicketUtils; @@ -242,10 +242,10 @@ public class EditUserPage extends RootSubPage { // field names reflective match UserModel fields form.add(new TextField("username").setEnabled(editCredentials)); - PasswordTextField passwordField = new PasswordTextField("password"); + NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password"); passwordField.setResetPassword(false); form.add(passwordField.setEnabled(editCredentials)); - PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword", + NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword", confirmPassword); confirmPasswordField.setResetPassword(false); form.add(confirmPasswordField.setEnabled(editCredentials)); diff --git a/src/main/java/com/gitblit/wicket/pages/RootPage.java b/src/main/java/com/gitblit/wicket/pages/RootPage.java index 61d7b759..79a4fc67 100644 --- a/src/main/java/com/gitblit/wicket/pages/RootPage.java +++ b/src/main/java/com/gitblit/wicket/pages/RootPage.java @@ -40,7 +40,6 @@ import org.apache.wicket.behavior.HeaderContributor; import org.apache.wicket.markup.html.IHeaderContributor; import org.apache.wicket.markup.html.IHeaderResponse; import org.apache.wicket.markup.html.basic.Label; -import org.apache.wicket.markup.html.form.PasswordTextField; import org.apache.wicket.markup.html.form.TextField; import org.apache.wicket.markup.html.link.BookmarkablePageLink; import org.apache.wicket.markup.html.panel.Fragment; @@ -71,6 +70,7 @@ import com.gitblit.models.UserModel; import com.gitblit.utils.ModelUtils; import com.gitblit.utils.StringUtils; import com.gitblit.wicket.GitBlitWebSession; +import com.gitblit.wicket.NonTrimmedPasswordTextField; import com.gitblit.wicket.SessionlessForm; import com.gitblit.wicket.WicketUtils; import com.gitblit.wicket.panels.AvatarImage; @@ -581,7 +581,7 @@ public abstract class RootPage extends BasePage { TextField unameField = new TextField("username", username); WicketUtils.setInputPlaceholder(unameField, markupProvider.getString("gb.username")); loginForm.add(unameField); - PasswordTextField pwField = new PasswordTextField("password", password); + NonTrimmedPasswordTextField pwField = new NonTrimmedPasswordTextField("password", password); WicketUtils.setInputPlaceholder(pwField, markupProvider.getString("gb.password")); loginForm.add(pwField); add(loginForm);