diff options
author | Dennis1993 <Dennis1993@users.noreply.github.com> | 2018-10-31 09:19:02 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-31 09:19:02 +0100 |
commit | 708658afa34612667191fe06560ec1f37b1cab43 (patch) | |
tree | 5dc91dbc3f454122d354c1b57d16116023425f43 | |
parent | 426641a795c41aaa1e48715c9fa2c39d2a8cb387 (diff) | |
parent | 2a9b56f77bf4622b4dbc8e954fcfc2a3226d3110 (diff) | |
download | nextcloud-server-708658afa34612667191fe06560ec1f37b1cab43.tar.gz nextcloud-server-708658afa34612667191fe06560ec1f37b1cab43.zip |
Merge pull request #12089 from Rayn0r/master
added possibility to disable autocomplete in login form
-rw-r--r-- | config/config.sample.php | 10 | ||||
-rw-r--r-- | core/Controller/LoginController.php | 8 | ||||
-rw-r--r-- | core/templates/login.php | 4 | ||||
-rw-r--r-- | tests/Core/Controller/LoginControllerTest.php | 20 |
4 files changed, 34 insertions, 8 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 25f56904dc4..902bfa6e44d 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -1663,4 +1663,14 @@ $CONFIG = array( * If this is set to "false" it will not show the link. */ 'simpleSignUpLink.shown' => true, + +/** + * By default autocompletion is enabled for the login form on Nextcloud's login page. + * While this is enabled, browsers are allowed to "remember" login names and such. + * Some companies require it to be disabled to comply with their security policy. + * + * Simply set this property to "false", if you want to turn this feature off. + */ + +'login_form_autocomplete' => true, ); diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index a9fb22f21b7..d34f243f15f 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -171,6 +171,14 @@ class LoginController extends Controller { $parameters['loginName'] = ''; $parameters['user_autofocus'] = true; } + + $autocomplete = $this->config->getSystemValue('login_form_autocomplete', true); + if ($autocomplete){ + $parameters['login_form_autocomplete'] = 'on'; + } else { + $parameters['login_form_autocomplete'] = 'off'; + } + if (!empty($redirect_url)) { $parameters['redirect_url'] = $redirect_url; } diff --git a/core/templates/login.php b/core/templates/login.php index 989ea1eaad5..3035d23da70 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -42,7 +42,7 @@ use OC\Core\Controller\LoginController; aria-label="<?php p($l->t('Username or email')); ?>" value="<?php p($_['loginName']); ?>" <?php p($_['user_autofocus'] ? 'autofocus' : ''); ?> - autocomplete="on" autocapitalize="none" autocorrect="off" required> + autocomplete="<?php p($_['login_form_autocomplete']); ?>" autocapitalize="none" autocorrect="off" required> <label for="user" class="infield"><?php p($l->t('Username or email')); ?></label> </p> @@ -51,7 +51,7 @@ use OC\Core\Controller\LoginController; placeholder="<?php p($l->t('Password')); ?>" aria-label="<?php p($l->t('Password')); ?>" <?php p($_['user_autofocus'] ? '' : 'autofocus'); ?> - autocomplete="on" autocapitalize="off" autocorrect="none" required> + autocomplete="<?php p($_['login_form_autocomplete']); ?>" autocapitalize="none" autocorrect="off" required> <label for="password" class="infield"><?php p($l->t('Password')); ?></label> </p> diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php index f2e8d112b64..efe85d81e1c 100644 --- a/tests/Core/Controller/LoginControllerTest.php +++ b/tests/Core/Controller/LoginControllerTest.php @@ -199,6 +199,7 @@ class LoginControllerTest extends TestCase { 'alt_login' => [], 'resetPasswordLink' => null, 'throttle_delay' => 1000, + 'login_form_autocomplete' => 'off', ], 'guest' ); @@ -223,6 +224,7 @@ class LoginControllerTest extends TestCase { 'alt_login' => [], 'resetPasswordLink' => null, 'throttle_delay' => 1000, + 'login_form_autocomplete' => 'off', ], 'guest' ); @@ -255,10 +257,12 @@ class LoginControllerTest extends TestCase { ->method('isLoggedIn') ->willReturn(false); $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getSystemValue') - ->with('lost_password_link') - ->willReturn(false); + ->will($this->returnValueMap([ + ['login_form_autocomplete', true, true], + ['lost_password_link', '', false], + ])); $user = $this->createMock(IUser::class); $user ->expects($this->once()) @@ -281,6 +285,7 @@ class LoginControllerTest extends TestCase { 'alt_login' => [], 'resetPasswordLink' => false, 'throttle_delay' => 1000, + 'login_form_autocomplete' => 'on', ], 'guest' ); @@ -338,10 +343,12 @@ class LoginControllerTest extends TestCase { ->method('isLoggedIn') ->willReturn(false); $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getSystemValue') - ->with('lost_password_link') - ->willReturn(false); + ->will($this->returnValueMap([ + ['login_form_autocomplete', true, true], + ['lost_password_link', '', false], + ])); $user = $this->createMock(IUser::class); $user->expects($this->once()) ->method('canChangePassword') @@ -363,6 +370,7 @@ class LoginControllerTest extends TestCase { 'alt_login' => [], 'resetPasswordLink' => false, 'throttle_delay' => 1000, + 'login_form_autocomplete' => 'on', ], 'guest' ); |