diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-11-17 16:10:18 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2020-11-17 16:10:18 +0100 |
| commit | 644e7a2085d8f290eace43378e035910bb493e96 (patch) | |
| tree | 45e6fc251589a047b7a6e374c65f1a8d6c517d7b /apps/settings/templates | |
| parent | 5acabcf5cbcb1db92fd9661bc1ed5735ae316323 (diff) | |
| download | nextcloud-server-644e7a2085d8f290eace43378e035910bb493e96.tar.gz nextcloud-server-644e7a2085d8f290eace43378e035910bb493e96.zip | |
Move the password fiels of chaging passwords to post
* This is not actually used with GET (obviously). But else some scanners
trip on it
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'apps/settings/templates')
| -rw-r--r-- | apps/settings/templates/settings/personal/security/password.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/settings/templates/settings/personal/security/password.php b/apps/settings/templates/settings/personal/security/password.php index 7edd9e20126..5ffa9aaf8bc 100644 --- a/apps/settings/templates/settings/personal/security/password.php +++ b/apps/settings/templates/settings/personal/security/password.php @@ -37,7 +37,7 @@ if ($_['passwordChangeSupported']) { <h2 class="inlineblock"><?php p($l->t('Password'));?></h2> <span id="password-error-msg" class="msg success hidden">Saved</span> <div class="personal-settings-setting-box personal-settings-password-box"> - <form id="passwordform"> + <form id="passwordform" method="POST"> <label for="pass1" class="hidden-visually"><?php p($l->t('Current password')); ?>: </label> <input type="password" id="pass1" name="oldpassword" placeholder="<?php p($l->t('Current password'));?>" |