even in current Chrome Message-ID: &lt;579f11d7.y6tV1gye/ZsLjl2E%lm(a)mathias-kettner.de&gt; User-Agent: Heirloom mailx 12.5 6/20/10 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Module: check_mk Branch: master Commit: 65648d2bd3f6b748b0cb590400e879f12d90f8cd URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=65648d2bd3f6b7… Author: Lars Michelsen &lt;lm(a)mathias-kettner.de&gt; Date: Mon Aug 1 11:09:38 2016 +0200 3729 FIX Disabling password field completion for most forms, even in current Chrome --- .werks/3729 | 9 +++++++++ ChangeLog | 1 + web/htdocs/valuespec.py | 11 ++++++++++- web/htdocs/wato.py | 10 +++++----- 4 files changed, 25 insertions(+), 6 deletions(-) diff --git a/.werks/3729 b/.werks/3729 new file mode 100644 index 0000000..e4598f3 --- /dev/null +++ b/.werks/3729 @@ -0,0 +1,9 @@ +Title: Disabling password field completion for most forms, even in current Chrome +Level: 1 +Component: multisite +Compatible: compat +Version: 1.4.0i1 +Date: 1470042544 +Class: fix + + diff --git a/ChangeLog b/ChangeLog index 9646aaf..a7f4336 100644 --- a/ChangeLog +++ b/ChangeLog @@ -411,6 +411,7 @@ * 3722 FIX: Mobile GUI: Prevent it from being opened with regular sidebar * 3723 FIX: Mobile GUI: Don't mix classic and mobile GUI when choosing classic on mobile device * 3645 FIX: Fixed filesystem growth/shrinkage graph by splitting it up into 2 graphs. + * 3729 FIX: Disabling password field completion for most forms, even in current Chrome WATO: * 3244 WATO BI Module: swap order of aggregation function and child node selection... diff --git a/web/htdocs/valuespec.py b/web/htdocs/valuespec.py index 1f9096c..8181c8b 100644 --- a/web/htdocs/valuespec.py +++ b/web/htdocs/valuespec.py @@ -3347,6 +3347,7 @@ class LDAPDistinguishedName(TextUnicode): class Password(TextAscii): def __init__(self, **kwargs): self._is_stored_plain = kwargs.get("is_stored_plain", True) + self._autocomplete = kwargs.get("autocomplete", False) if self._is_stored_plain: plain_help = _("The password entered here is stored in plain text within the " @@ -3368,7 +3369,15 @@ class Password(TextAscii): if self._label: html.write(self._label) html.write("&nbsp;") - html.password_input(varprefix, str(value), size = self._size) + + kwargs = { + "size": self._size, + } + + if self._autocomplete == False: + kwargs["autocomplete"] = "new-password" + + html.password_input(varprefix, str(value), **kwargs) if self._is_stored_plain: html.write("<span>%s</span>" % _("Please note that this password is stored in plain " "text.")) diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index ff32bd1..5f7e261 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -10417,9 +10417,9 @@ def mode_edit_user(phase): _("Normal user login with password")) html.write("<ul><table><tr><td>%s</td><td>" % _("password:")) if not is_locked('password'): - html.password_input("password_" + pw_suffix, autocomplete="off") + html.password_input("password_" + pw_suffix, autocomplete="new-password") html.write("</td></tr><tr><td>%s</td><td>" % _("repeat:")) - html.password_input("password2_" + pw_suffix, autocomplete="off") + html.password_input("password2_" + pw_suffix, autocomplete="new-password") html.write(" (%s)" % _("optional")) html.write("</td></tr><tr><td>%s:</td><td>" % _("Enforce change")) # Only make password enforcement selection possible when user is allowed to change the PW @@ -14038,13 +14038,13 @@ def page_user_profile(change_pw=False): if config.may('general.change_password') and not is_locked('password'): forms.section(_("Current Password")) - html.password_input('cur_password', autocomplete = "off") + html.password_input('cur_password', autocomplete="new-password") forms.section(_("New Password")) - html.password_input('password', autocomplete = "off") + html.password_input('password', autocomplete="new-password") forms.section(_("New Password Confirmation")) - html.password_input('password2', autocomplete = "off") + html.password_input('password2', autocomplete="new-password") if not change_pw and config.may('general.edit_profile'): select_language(user)