[Pkg-owncloud-commits] [owncloud] 11/145: prevent autofill for password change settings, prevent leak of existing password, fix #6552

[David Prévot]

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 0cd68cfedcc2ba237b7ff705251e2a6cff903732
Author: Jan-Christoph Borchardt <hey at jancborchardt.net>
Date:   Fri Jan 24 18:58:56 2014 +0100

    prevent autofill for password change settings, prevent leak of existing password, fix #6552
---
 settings/templates/personal.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/settings/templates/personal.php b/settings/templates/personal.php
index 3eb8646..05cdb6f 100644
--- a/settings/templates/personal.php
+++ b/settings/templates/personal.php
@@ -39,9 +39,11 @@ if($_['passwordChangeSupported']) {
 		<h2><?php p($l->t('Password'));?></h2>
 		<div id="passwordchanged"><?php echo $l->t('Your password was changed');?></div>
 		<div id="passworderror"><?php echo $l->t('Unable to change your password');?></div>
-		<input type="password" id="pass1" name="oldpassword" placeholder="<?php echo $l->t('Current password');?>" />
+		<input type="password" id="pass1" name="oldpassword"
+			placeholder="<?php echo $l->t('Current password');?>" autocomplete="off" />
 		<input type="password" id="pass2" name="personal-password"
-			placeholder="<?php echo $l->t('New password');?>" data-typetoggle="#personal-show" />
+			placeholder="<?php echo $l->t('New password');?>"
+			data-typetoggle="#personal-show" autocomplete="off" />
 		<input type="checkbox" id="personal-show" name="show" /><label for="personal-show"></label>
 		<input id="passwordbutton" type="submit" value="<?php echo $l->t('Change password');?>" />
 	</fieldset>

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git