1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-11-26 05:50:29 +01:00

"Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.

@see https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords
Dieser Commit ist enthalten in:
Daniel Hammer 2023-01-15 15:17:00 +01:00
Ursprung 9366e31452
Commit 9b20decdc1
2 geänderte Dateien mit 3 neuen und 3 gelöschten Zeilen

Datei anzeigen

@ -47,7 +47,7 @@
<div class="row my-2 align-items-center pt-3 border-top" title="Send a test email to given email address"> <div class="row my-2 align-items-center pt-3 border-top" title="Send a test email to given email address">
<label for="smtp-test-email" class="col-sm-3 col-form-label">Test SMTP</label> <label for="smtp-test-email" class="col-sm-3 col-form-label">Test SMTP</label>
<div class="col-sm-8 input-group"> <div class="col-sm-8 input-group">
<input class="form-control" id="smtp-test-email" type="email" placeholder="Enter test email" required> <input class="form-control" id="smtp-test-email" type="email" placeholder="Enter test email" required spellcheck="false">
<button type="button" class="btn btn-outline-primary input-group-text" id="smtpTest">Send test email</button> <button type="button" class="btn btn-outline-primary input-group-text" id="smtpTest">Send test email</button>
<div class="invalid-tooltip">Please provide a valid email address</div> <div class="invalid-tooltip">Please provide a valid email address</div>
</div> </div>
@ -85,7 +85,7 @@
<input readonly class="form-control" id="input_{{name}}" type="password" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}}> <input readonly class="form-control" id="input_{{name}}" type="password" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}}>
<button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button> <button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button>
{{else}} {{else}}
<input readonly class="form-control" id="input_{{name}}" type="{{type}}" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}}> <input readonly class="form-control" id="input_{{name}}" type="{{type}}" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}} spellcheck="false">
{{#case type "password"}} {{#case type "password"}}
<button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button> <button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button>
{{/case}} {{/case}}

Datei anzeigen

@ -96,7 +96,7 @@
<small>Email:</small> <small>Email:</small>
<form class="form-inline input-group w-50" id="inviteUserForm"> <form class="form-inline input-group w-50" id="inviteUserForm">
<input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required> <input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required spellcheck="false">
<button type="submit" class="btn btn-primary">Invite</button> <button type="submit" class="btn btn-primary">Invite</button>
</form> </form>
</div> </div>