Commit 92bafad4 authored by IKEDA Soji's avatar IKEDA Soji
Browse files

Add autocomplete="off" to all forms unless explicitly enabled.

However, this cannot prevent heuristics by Google Chrome.
parent 90b6c391
......@@ -63,7 +63,7 @@
[% END ~%]
[% IF use_passwd ~%]
<form action="[% path_cgi %]" method="post">
<form action="[% path_cgi %]" method="post" autocomplete="on">
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
......
......@@ -42,7 +42,7 @@
[% END %]
[% END %]
[% IF SAFE_TO_REVEAL_EMAIL %]
<form class="bold_label" action="[% path_cgi %]" method="post">
<form class="bold_label" action="[% path_cgi %]" method="post" autocomplete="on">
<fieldset>
<input type="hidden" name="previous_action" value="[% previous_action %]" />
<input type="hidden" name="previous_list" value="[% previous_list %]" />
......
......@@ -2476,6 +2476,16 @@ sub send_html {
$beg . $content . $end;
}egisx;
}
# Add autocomplete="off" to all forms unless explicitly enabled.
$output =~ s{
<form ( \s+ [^>]*? /? ) >
}{
my $attrs = $1;
$attrs =~ s/(\s*\/?)\z/ autocomplete="off"$1/
unless $attrs =~ /\sautocomplete="[^"]*"/i;
"<form$attrs>";
}egisx;
print $output;
}
 
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment