Bug 18955 - autocomplete is on in OPAC password recovery
In OPAC password recovery form autocomplete is not disabled. So when login or email is entered, it is saved in browser input history for autocomplete. This is a major issue for OPAC on computers with public access. This patch adds autocomplete off on forms. Test : - Enable system preferences OpacPasswordChange and OpacResetPassword - Go to OPAC - Be sure to not be logged in - Click on "Forgot your password?" - Enter a loggin and email and Submit => Without patch there is an autocompletion with values you entered => With patch there is no autocompletion Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This commit is contained in:
parent
51e8b7bbc9
commit
214a0e6102
1 changed files with 2 additions and 2 deletions
|
|
@ -78,7 +78,7 @@
|
|||
[% IF (!Koha.Preference('OpacResetPassword')) %]
|
||||
<div class="alert alert-info">You can't reset your password.</div>
|
||||
[% ELSIF (password_recovery) %]
|
||||
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post">
|
||||
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
|
||||
<input type="hidden" name="koha_login_context" value="opac" />
|
||||
<fieldset>
|
||||
<p>To reset your password, enter your login and your email address.
|
||||
|
|
@ -92,7 +92,7 @@
|
|||
</fieldset>
|
||||
</form>
|
||||
[% ELSIF (new_password) %]
|
||||
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post">
|
||||
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
|
||||
<input type="hidden" name="koha_login_context" value="opac" />
|
||||
<fieldset>
|
||||
<div class="alert alert-info">The password must contain at least [% minPassLength %] characters.</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue