git724/forgejo
1
0
Fork 0
Code Issues Pull requests 3 Projects 1 Releases Packages Wiki Activity
forgejo/templates
History
0ko e3ba342665 fix(ui): disable spellcheck on TOTP form fields (#7868) 
Ref https://codeberg.org/forgejo/forgejo/issues/7842#issuecomment-4574366

Currently browsers could offer spellcheck on these fields, my browser does.

MDN [recommends](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Global_attributes/spellcheck#security_and_privacy_concerns) that on fields with sensitive information this property is set to `false` in case 3rd party not-fully-trusted spellchecking service is used. I consider these fields as containing sensitive information, and spellcheck is not useful on them anyway.

### Testing

There's currently no integration testing for these TOTP forms. I do plan to add some in my other TOTP-related work.

I tested that this did change the behavior in my browser and don't think we need additional testing right now.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7868
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@beocode.eu>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: 0ko <0ko@noreply.codeberg.org>
Co-committed-by: 0ko <0ko@noreply.codeberg.org>
2025-05-14 23:04:43 +00:00
..
admin fix(i18n): fix several usages of i18n (#7422) 2025-04-02 14:50:02 +00:00
api/packages/pypi Update templates/api/packages/pypi/simple.tmpl 2024-04-12 16:43:30 +00:00
base feat(ui): make JS asset load error message translatable (#7388) 2025-04-01 16:14:38 +00:00
custom [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
devtest ui: improve error pages (#7274) 2025-03-28 19:50:43 +00:00
explore ui: simplify main-attribute labels 2024-12-08 17:30:52 +05:00
htmx Update module github.com/editorconfig-checker/editorconfig-checker/v2/cmd/editorconfig-checker to v3 2024-08-09 21:03:37 +02:00
mail feat: consider WebAuthn & SSH for instance signing (#7693) 2025-04-29 10:34:07 +00:00
org Restore form inputs on organization create error (#34201) 2025-04-22 09:54:18 +02:00
package feat(ui): improve description in packages settings (#7531) 2025-04-18 12:36:59 +00:00
projects fix(ui): use gap in switch items (#7581) 2025-04-21 04:25:08 +00:00
repo Show if commit is signed in activity feed and unify sha box (#6933) 2025-05-03 10:54:52 +00:00
shared feat: add label for avatar settings (#7678) 2025-04-29 13:31:07 +00:00
status ui: improve error pages (#7274) 2025-03-28 19:50:43 +00:00
swagger fix(api): document is_system_webhook field (#7784) 2025-05-05 13:58:55 +00:00
user fix(ui): disable spellcheck on TOTP form fields (#7868) 2025-05-14 23:04:43 +00:00
webhook fix: improve discord webhook api conformance 2024-10-08 22:43:28 +02:00
home.tmpl Split Forgejo landing page template to allow patching or removing Forgejo introduction section (#6675) 2025-02-03 08:41:52 +00:00
home_forgejo.tmpl Split Forgejo landing page template to allow patching or removing Forgejo introduction section (#6675) 2025-02-03 08:41:52 +00:00
install.tmpl Added alt's to <img> 2025-01-31 21:22:00 +00:00
post-install.tmpl [BRANDING] Custom loading animation for Forgejo 2024-02-05 16:02:13 +01:00