From 9f4930ec11b4185fcb17e5394fd0234dfcf16ed3 Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 8 Nov 2022 03:53:06 +0100 Subject: Add password autocomplete hints (#20071) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes #20067 Our password autocomplete hints were “off” but that does not prevent current browsers from trying to autocomplete them anyway, so use `current-password` and `new-password` so they don't put a newly-generated password in a password confirmation prompt, or the old password for a password renewal prompt. --- app/views/auth/challenges/new.html.haml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/views/auth/challenges/new.html.haml') diff --git a/app/views/auth/challenges/new.html.haml b/app/views/auth/challenges/new.html.haml index 9aef2c35d..ff4b7a506 100644 --- a/app/views/auth/challenges/new.html.haml +++ b/app/views/auth/challenges/new.html.haml @@ -5,7 +5,7 @@ = f.input :return_to, as: :hidden .field-group - = f.input :current_password, wrapper: :with_block_label, input_html: { :autocomplete => 'off', :autofocus => true }, label: t('challenge.prompt'), required: true + = f.input :current_password, wrapper: :with_block_label, input_html: { :autocomplete => 'current-password', :autofocus => true }, label: t('challenge.prompt'), required: true .actions = f.button :button, t('challenge.confirm'), type: :submit -- cgit