opensourcemirror
/
concourse
mirror of https://github.com/concourse/concourse.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Set autocomplete to off for login form 

fixes CWE 525

Signed-off-by: Taylor Silva <tsilva@pivotal.io>
This commit is contained in:
Taylor Silva 2021-04-22 12:12:58 -04:00
parent 0af59c6a89
commit 50dc9aaf62
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
skymarshal/dexserver/web/templates/password.html
View File

@ -7,12 +7,12 @@
<div class="theme-panel">
<h2 class="theme-heading">log in to your account</h2>
<form method="post" action="{{ .PostURL }}">
<form method="post" action="{{ .PostURL }}" autocomplete="off">
<div class="theme-form-row">
<div class="theme-form-label">
<label for="userid">{{ $usernamePrompt }}</label>
</div>
<input tabindex="1" required id="login" name="login" type="text" class="theme-form-input" placeholder="{{ $usernamePrompt }}" {{ if .Username }} value="{{ .Username }}" {{ else }} autofocus {{ end }}/>
<input tabindex="1" required id="login" name="login" type="text" class="theme-form-input" placeholder="{{ $usernamePrompt }}" autocomplete="off"{{ if .Username }} value="{{ .Username }}" {{ else }} autofocus {{ end }}/>
</div>
<div class="theme-form-row">
<div class="theme-form-label">