DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-12 16:44:08 -08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Try to prevent the browser from pre-filling the LDAP password

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2023-08-28 18:36:06 +01:00
parent 535ca0e3c0
commit 7787ca328c
1 changed files with 15 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
resources/views/settings/ldap.blade.php
View file

@ -18,6 +18,15 @@
.checkbox label { .checkbox label {
padding-right: 40px; padding-right: 40px;
} }
/*
Don't make the password field *look* readonly - this is for usability, so admins don't think they can't edit this field.
*/
.form-control[readonly] {
background-color: white;
color: #555555;
cursor:text;
}
</style> </style>
@if ((!function_exists('ldap_connect')) || (!function_exists('ldap_set_option')) || (!function_exists('ldap_bind'))) @if ((!function_exists('ldap_connect')) || (!function_exists('ldap_set_option')) || (!function_exists('ldap_bind')))
@ -34,10 +43,12 @@
@endif @endif
{{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'false', 'class' => 'form-horizontal', 'role' => 'form']) }} {{ Form::open(['method' => 'POST', 'files' => false, 'autocomplete' => 'off', 'class' => 'form-horizontal', 'role' => 'form']) }}
<!-- CSRF Token --> <!-- CSRF Token -->
{{csrf_field()}} {{csrf_field()}}
<input type="hidden" name="username" value="{{ Request::old('username', $user->username) }}">
<!-- this is a hack to prevent Chrome from trying to autocomplete fields --> <!-- this is a hack to prevent Chrome from trying to autocomplete fields -->
<input type="text" name="prevent_autofill" id="prevent_autofill" value="" style="display:none;" /> <input type="text" name="prevent_autofill" id="prevent_autofill" value="" style="display:none;" />
<input type="password" name="password_fake" id="password_fake" value="" style="display:none;" /> <input type="password" name="password_fake" id="password_fake" value="" style="display:none;" />
@ -54,7 +65,6 @@
</div> </div>
<div class="box-body"> <div class="box-body">
<div class="col-md-11 col-md-offset-1"> <div class="col-md-11 col-md-offset-1">
<!-- Enable LDAP --> <!-- Enable LDAP -->
@ -230,7 +240,7 @@
{{ Form::label('ldap_uname', trans('admin/settings/general.ldap_uname')) }} {{ Form::label('ldap_uname', trans('admin/settings/general.ldap_uname')) }}
</div> </div>
<div class="col-md-8"> <div class="col-md-8">
{{ Form::text('ldap_uname', Request::old('ldap_uname', $setting->ldap_uname), ['class' => 'form-control','placeholder' => trans('general.example') .'binduser@example.com', $setting->demoMode]) }} {{ Form::text('ldap_uname', Request::old('ldap_uname', $setting->ldap_uname), ['class' => 'form-control','autocomplete' => 'off', 'placeholder' => trans('general.example') .'binduser@example.com', $setting->demoMode]) }}
{!! $errors->first('ldap_uname', '<span class="alert-msg" aria-hidden="true">:message</span>') !!} {!! $errors->first('ldap_uname', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
@if (config('app.lock_passwords')===true) @if (config('app.lock_passwords')===true)
<p class="text-warning"><i class="fas fa-lock" aria-hidden="true"></i> {{ trans('general.feature_disabled') }}</p> <p class="text-warning"><i class="fas fa-lock" aria-hidden="true"></i> {{ trans('general.feature_disabled') }}</p>
@ -244,7 +254,7 @@
{{ Form::label('ldap_pword', trans('admin/settings/general.ldap_pword')) }} {{ Form::label('ldap_pword', trans('admin/settings/general.ldap_pword')) }}
</div> </div>
<div class="col-md-8"> <div class="col-md-8">
{{ Form::password('ldap_pword', ['class' => 'form-control','placeholder' => trans('general.example') .' binduserpassword', $setting->demoMode]) }} {{ Form::password('ldap_pword', ['class' => 'form-control', 'autocomplete' => 'off', 'onfocus' => "this.removeAttribute('readonly');", $setting->demoMode, ' readonly']) }}
{!! $errors->first('ldap_pword', '<span class="alert-msg" aria-hidden="true">:message</span>') !!} {!! $errors->first('ldap_pword', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
@if (config('app.lock_passwords')===true) @if (config('app.lock_passwords')===true)
<p class="text-warning"><i class="fas fa-lock" aria-hidden="true"></i> {{ trans('general.feature_disabled') }}</p> <p class="text-warning"><i class="fas fa-lock" aria-hidden="true"></i> {{ trans('general.feature_disabled') }}</p>
@ -538,7 +548,7 @@
<input type="text" name="ldaptest_user" id="ldaptest_user" class="form-control" placeholder="LDAP username"> <input type="text" name="ldaptest_user" id="ldaptest_user" class="form-control" placeholder="LDAP username">
</div> </div>
<div class="col-md-4"> <div class="col-md-4">
<input type="password" name="ldaptest_password" id="ldaptest_password" class="form-control" placeholder="LDAP password"> <input type="password" name="ldaptest_password" id="ldaptest_password" class="form-control" placeholder="LDAP password" autocomplete="off" readonly onfocus="this.removeAttribute('readonly');">
</div> </div>
<div class="col-md-3"> <div class="col-md-3">
<a class="btn btn-default btn-sm" id="ldaptestlogin" style="margin-right: 10px;">{{ trans('admin/settings/general.ldap_test') }}</a> <a class="btn btn-default btn-sm" id="ldaptestlogin" style="margin-right: 10px;">{{ trans('admin/settings/general.ldap_test') }}</a>