even in current Chrome
Message-ID: <579f11d7.y6tV1gye/ZsLjl2E%lm(a)mathias-kettner.de>
User-Agent: Heirloom mailx 12.5 6/20/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Module: check_mk
Branch: master
Commit: 65648d2bd3f6b748b0cb590400e879f12d90f8cd
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=65648d2bd3f6b7…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Aug 1 11:09:38 2016 +0200
3729 FIX Disabling password field completion for most forms, even in current Chrome
---
.werks/3729 | 9 +++++++++
ChangeLog | 1 +
web/htdocs/valuespec.py | 11 ++++++++++-
web/htdocs/wato.py | 10 +++++-----
4 files changed, 25 insertions(+), 6 deletions(-)
diff --git a/.werks/3729 b/.werks/3729
new file mode 100644
index 0000000..e4598f3
--- /dev/null
+++ b/.werks/3729
@@ -0,0 +1,9 @@
+Title: Disabling password field completion for most forms, even in current Chrome
+Level: 1
+Component: multisite
+Compatible: compat
+Version: 1.4.0i1
+Date: 1470042544
+Class: fix
+
+
diff --git a/ChangeLog b/ChangeLog
index 9646aaf..a7f4336 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -411,6 +411,7 @@
* 3722 FIX: Mobile GUI: Prevent it from being opened with regular sidebar
* 3723 FIX: Mobile GUI: Don't mix classic and mobile GUI when choosing classic on
mobile device
* 3645 FIX: Fixed filesystem growth/shrinkage graph by splitting it up into 2
graphs.
+ * 3729 FIX: Disabling password field completion for most forms, even in current
Chrome
WATO:
* 3244 WATO BI Module: swap order of aggregation function and child node
selection...
diff --git a/web/htdocs/valuespec.py b/web/htdocs/valuespec.py
index 1f9096c..8181c8b 100644
--- a/web/htdocs/valuespec.py
+++ b/web/htdocs/valuespec.py
@@ -3347,6 +3347,7 @@ class LDAPDistinguishedName(TextUnicode):
class Password(TextAscii):
def __init__(self, **kwargs):
self._is_stored_plain = kwargs.get("is_stored_plain", True)
+ self._autocomplete = kwargs.get("autocomplete", False)
if self._is_stored_plain:
plain_help = _("The password entered here is stored in plain text within
the "
@@ -3368,7 +3369,15 @@ class Password(TextAscii):
if self._label:
html.write(self._label)
html.write(" ")
- html.password_input(varprefix, str(value), size = self._size)
+
+ kwargs = {
+ "size": self._size,
+ }
+
+ if self._autocomplete == False:
+ kwargs["autocomplete"] = "new-password"
+
+ html.password_input(varprefix, str(value), **kwargs)
if self._is_stored_plain:
html.write("<span>%s</span>" % _("Please note that
this password is stored in plain "
"text."))
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index ff32bd1..5f7e261 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -10417,9 +10417,9 @@ def mode_edit_user(phase):
_("Normal user login with password"))
html.write("<ul><table><tr><td>%s</td><td>"
% _("password:"))
if not is_locked('password'):
- html.password_input("password_" + pw_suffix,
autocomplete="off")
+ html.password_input("password_" + pw_suffix,
autocomplete="new-password")
html.write("</td></tr><tr><td>%s</td><td>" %
_("repeat:"))
- html.password_input("password2_" + pw_suffix,
autocomplete="off")
+ html.password_input("password2_" + pw_suffix,
autocomplete="new-password")
html.write(" (%s)" % _("optional"))
html.write("</td></tr><tr><td>%s:</td><td>"
% _("Enforce change"))
# Only make password enforcement selection possible when user is allowed to
change the PW
@@ -14038,13 +14038,13 @@ def page_user_profile(change_pw=False):
if config.may('general.change_password') and not
is_locked('password'):
forms.section(_("Current Password"))
- html.password_input('cur_password', autocomplete = "off")
+ html.password_input('cur_password',
autocomplete="new-password")
forms.section(_("New Password"))
- html.password_input('password', autocomplete = "off")
+ html.password_input('password', autocomplete="new-password")
forms.section(_("New Password Confirmation"))
- html.password_input('password2', autocomplete = "off")
+ html.password_input('password2', autocomplete="new-password")
if not change_pw and config.may('general.edit_profile'):
select_language(user)