diff options
| author | Bwko <bouwko@gmail.com> | 2016-11-29 22:49:06 +0100 |
|---|---|---|
| committer | Bwko <bouwko@gmail.com> | 2016-11-29 22:49:06 +0100 |
| commit | 1e9730a779409e78ce8df7270cf264ad4f0ec2c4 (patch) | |
| tree | c473997ea32f5932e2b7c4187a4c619cd160889c /templates | |
| parent | ccad2cce32c5bc0b66a525cfbb2b9b67c6cd956b (diff) | |
| download | gitea-1e9730a779409e78ce8df7270cf264ad4f0ec2c4.tar.gz gitea-1e9730a779409e78ce8df7270cf264ad4f0ec2c4.zip | |
Fixes xss, clickjacking & password autocompletion
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/user/auth/reset_passwd.tmpl | 2 | ||||
| -rw-r--r-- | templates/user/auth/signin.tmpl | 2 | ||||
| -rw-r--r-- | templates/user/auth/signup.tmpl | 4 | ||||
| -rw-r--r-- | templates/user/settings/password.tmpl | 8 |
4 files changed, 8 insertions, 8 deletions
diff --git a/templates/user/auth/reset_passwd.tmpl b/templates/user/auth/reset_passwd.tmpl index cb124f5b25..2408d39a7c 100644 --- a/templates/user/auth/reset_passwd.tmpl +++ b/templates/user/auth/reset_passwd.tmpl @@ -13,7 +13,7 @@ {{if .IsResetForm}} <div class="required inline field {{if .Err_Password}}error{{end}}"> <label for="password">{{.i18n.Tr "password"}}</label> - <input id="password" name="password" type="password" value="{{.password}}" autofocus required> + <input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" autofocus required> </div> <div class="ui divider"></div> <div class="inline field"> diff --git a/templates/user/auth/signin.tmpl b/templates/user/auth/signin.tmpl index b928f2bdb5..85b7e70277 100644 --- a/templates/user/auth/signin.tmpl +++ b/templates/user/auth/signin.tmpl @@ -15,7 +15,7 @@ </div> <div class="required inline field {{if .Err_Password}}error{{end}}"> <label for="password">{{.i18n.Tr "password"}}</label> - <input id="password" name="password" type="password" value="{{.password}}" required> + <input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required> </div> <div class="inline field"> <label></label> diff --git a/templates/user/auth/signup.tmpl b/templates/user/auth/signup.tmpl index 86c020d6bb..ca98302ed2 100644 --- a/templates/user/auth/signup.tmpl +++ b/templates/user/auth/signup.tmpl @@ -22,11 +22,11 @@ </div> <div class="required inline field {{if .Err_Password}}error{{end}}"> <label for="password">{{.i18n.Tr "password"}}</label> - <input id="password" name="password" type="password" value="{{.password}}" required> + <input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required> </div> <div class="required inline field {{if .Err_Password}}error{{end}}"> <label for="retype">{{.i18n.Tr "re_type"}}</label> - <input id="retype" name="retype" type="password" value="{{.retype}}" required> + <input id="retype" name="retype" type="password" value="{{.retype}}" autocomplete="off" required> </div> {{if .EnableCaptcha}} <div class="inline field"> diff --git a/templates/user/settings/password.tmpl b/templates/user/settings/password.tmpl index 644f4f9316..dc8b19062f 100644 --- a/templates/user/settings/password.tmpl +++ b/templates/user/settings/password.tmpl @@ -14,15 +14,15 @@ {{.CsrfTokenHtml}} <div class="required field {{if .Err_OldPassword}}error{{end}}"> <label for="old_password">{{.i18n.Tr "settings.old_password"}}</label> - <input id="old_password" name="old_password" type="password" autofocus required> + <input id="old_password" name="old_password" type="password" autocomplete="off" autofocus required> </div> <div class="required field {{if .Err_Password}}error{{end}}"> <label for="password">{{.i18n.Tr "settings.new_password"}}</label> - <input id="password" name="password" type="password" required> + <input id="password" name="password" type="password" autocomplete="off" required> </div> <div class="required field {{if .Err_Password}}error{{end}}"> <label for="retype">{{.i18n.Tr "settings.retype_new_password"}}</label> - <input id="retype" name="retype" type="password" required> + <input id="retype" name="retype" type="password" autocomplete="off" required> </div> <div class="field"> @@ -33,7 +33,7 @@ <div class="ui info message"> <p class="text left">{{$.i18n.Tr "settings.password_change_disabled"}}</p> </div> - {{end}} + {{end}} </div> </div> </div> |