diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-05-11 21:18:38 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2020-05-27 17:58:10 +0000 |
| commit | b6ab18b311f5e733eae41b94fa9817e9cbfa6f53 (patch) | |
| tree | 8d62105edde0d793b369e62cba7e7e23c1a4ba14 | |
| parent | c7c7433f11f16d6b9160dc38c646a6b7f9df0fdf (diff) | |
| download | nextcloud-server-b6ab18b311f5e733eae41b94fa9817e9cbfa6f53.tar.gz nextcloud-server-b6ab18b311f5e733eae41b94fa9817e9cbfa6f53.zip | |
Move the password confirmation form template to post
I know we use JS for this. But it triggers some false positives on
testing.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
| -rw-r--r-- | core/templates/layout.user.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php index 7712992c9bf..025c331aeaa 100644 --- a/core/templates/layout.user.php +++ b/core/templates/layout.user.php @@ -152,7 +152,7 @@ </header> <div id="sudo-login-background" class="hidden"></div> - <form id="sudo-login-form" class="hidden"> + <form id="sudo-login-form" class="hidden" method="POST"> <label> <?php p($l->t('This action requires you to confirm your password')); ?><br/> <input type="password" class="question" autocomplete="new-password" name="question" value=" <?php /* Hack against browsers ignoring autocomplete="off" */ ?>" |