MIRRORS/layerindex-web
1
0
Fork 0
mirror of git://git.yoctoproject.org/layerindex-web.git synced 2025-07-19 20:59:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Disable autocomplete on sensitive fields

Browse Source 
Disable autocomplete for registration/login/password change/password
reset forms, and security question / captcha fields on Edit Profile
form.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
This commit is contained in:
Paul Eggleton 2019-03-04 11:12:42 +13:00
parent 0196eda3f1
commit 348bd2661c
6 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
layerindex/forms.py
View File

@ -202,6 +202,10 @@ class EditProfileForm(StyledModelForm):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
super(EditProfileForm, self ).__init__(*args, **kwargs) super(EditProfileForm, self ).__init__(*args, **kwargs)
for field in ['captcha', 'security_question_1', 'security_question_2', 'security_question_3', 'answer_1', 'answer_2', 'answer_3']:
self.fields[field].widget.attrs.update({
'autocomplete': 'off'
})
user = kwargs.get("instance") user = kwargs.get("instance")
try: try:
self.fields['security_question_1'].initial=user.userprofile.securityquestionanswer_set.all()[0].security_question self.fields['security_question_1'].initial=user.userprofile.securityquestionanswer_set.all()[0].security_question

2
templates/django_registration/registration_form.html
View File

@ -2,7 +2,7 @@
{% load i18n %} {% load i18n %}
{% block content %} {% block content %}
<form id="registration_form" method="post" action="."> <form id="registration_form" method="post" action="." autocomplete="off">
{% for hidden in form.hidden_fields %} {% for hidden in form.hidden_fields %}
{{ hidden }} {{ hidden }}
{% endfor %} {% endfor %}

2
templates/registration/login.html
View File

@ -5,7 +5,7 @@
{% endblock %} {% endblock %}
{% block content %} {% block content %}
<form id="login_form" method="post" action="."> <form id="login_form" method="post" action="." autocomplete="off">
{{ form.as_p }} {{ form.as_p }}
<input type="submit" class="btn btn-default" value="{% trans 'Log in' %}" /> <input type="submit" class="btn btn-default" value="{% trans 'Log in' %}" />

2
templates/registration/password_change_form.html
View File

@ -2,7 +2,7 @@
{% load i18n %} {% load i18n %}
{% block content %} {% block content %}
<form method="post" action="."> <form method="post" action="." autocomplete="off">
{% for hidden in form.hidden_fields %} {% for hidden in form.hidden_fields %}
{{ hidden }} {{ hidden }}
{% endfor %} {% endfor %}

2
templates/registration/password_reset_confirm.html
View File

@ -5,7 +5,7 @@
{% if validlink %} {% if validlink %}
<form id="password_form" method="post" action="."> <form id="password_form" method="post" action="." autocomplete="off">
{% for hidden in form.hidden_fields %} {% for hidden in form.hidden_fields %}
{{ hidden }} {{ hidden }}
{% endfor %} {% endfor %}

2
templates/registration/password_reset_form.html
View File

@ -2,7 +2,7 @@
{% load i18n %} {% load i18n %}
{% block content %} {% block content %}
<form id="password_form" method="post" action="."> <form id="password_form" method="post" action="." autocomplete="off">
{% for hidden in form.hidden_fields %} {% for hidden in form.hidden_fields %}
{{ hidden }} {{ hidden }}
{% endfor %} {% endfor %}