Skip to content
Permalink
Browse files Browse the repository at this point in the history
Hide passwords in plain html, for when SR is not password protected (…
…#4361)

* Hide passwords in plain html, for when SR is not password protected

* XMLEscape parameter values sent as GET or POST
  • Loading branch information
miigotu committed Mar 10, 2018
1 parent ffa8398 commit 8156a74
Show file tree
Hide file tree
Showing 9 changed files with 172 additions and 120 deletions.
9 changes: 5 additions & 4 deletions gui/slick/views/config_anime.mako
@@ -1,6 +1,7 @@
<%inherit file="/layouts/config.mako"/>
<%!
import sickbeard
from sickbeard.filters import hide
from sickbeard.helpers import anon_url
%>

Expand Down Expand Up @@ -67,10 +68,10 @@
<div class="col-lg-9 col-md-9 col-sm-8 col-xs-12 pull-right">
<div class="row">
<div class="col-md-12">
<input type="password" name="anidb_password" id="anidb_password"
value="${sickbeard.ANIDB_PASSWORD}"
class="form-control input-sm input350 pull-left" autocomplete="no"
autocapitalize="off" title="Password"/>
<input
type="password" name="anidb_password" id="anidb_password" value="${sickbeard.ANIDB_PASSWORD|hide}"
class="form-control input-sm input350 pull-left" autocomplete="no" autocapitalize="off" title="Password"
/>
</div>
</div>
<div class="row">
Expand Down
13 changes: 10 additions & 3 deletions gui/slick/views/config_general.mako
Expand Up @@ -5,6 +5,7 @@
import sickbeard
from sickbeard.common import SKIPPED, ARCHIVED, IGNORED, statusStrings, cpu_presets
from sickbeard.filters import hide
from sickbeard.sbdatetime import sbdatetime, date_presets, time_presets
from sickbeard.helpers import anon_url, LOCALE_NAMES
Expand Down Expand Up @@ -702,7 +703,9 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="web_password" id="web_password" value="${sickbeard.WEB_PASSWORD}" class="form-control input-sm input300" autocomplete="no" autocapitalize="off"/>
<input
type="password" name="web_password" id="web_password" value="${sickbeard.WEB_PASSWORD|hide}"
class="form-control input-sm input300" autocomplete="no" autocapitalize="off"/>
</div>
</div>
<div class="row">
Expand Down Expand Up @@ -1150,7 +1153,8 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="git_password" id="git_password" value="${sickbeard.GIT_PASSWORD}" class="form-control input-sm input300" autocomplete="no" autocapitalize="off" />
<input type="password" name="git_password" id="git_password" value="${sickbeard.GIT_PASSWORD|hide}"
class="form-control input-sm input300" autocomplete="no" autocapitalize="off" />
</div>
</div>
<div class="row">
Expand All @@ -1170,7 +1174,10 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="text" name="git_token" id="git_token" value="${sickbeard.GIT_TOKEN}" class="form-control input-sm input350" autocapitalize="off" autocomplete="no" />
<input
type="text" name="git_token" id="git_token" value="${sickbeard.GIT_TOKEN|hide}"
class="form-control input-sm input350" autocapitalize="off" autocomplete="no"
/>
% if not sickbeard.GIT_TOKEN:
<input class="btn btn-inline" type="button" id="create_access_token" value="${_('Generate Token')}">
% else:
Expand Down
30 changes: 24 additions & 6 deletions gui/slick/views/config_notifications.mako
@@ -1,7 +1,8 @@
<%inherit file="/layouts/config.mako"/>
<%!
import sickbeard
import re
import sickbeard
from sickbeard.filters import hide
from sickbeard.helpers import anon_url
%>

Expand Down Expand Up @@ -159,7 +160,10 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="kodi_password" id="kodi_password" value="${sickbeard.KODI_PASSWORD}" class="form-control input-sm input250" autocomplete="no" autocapitalize="off" />
<input
type="password" name="kodi_password" id="kodi_password" value="${sickbeard.KODI_PASSWORD|hide}"
class="form-control input-sm input250" autocomplete="no" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down Expand Up @@ -264,7 +268,11 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="plex_server_password" id="plex_server_password" value="${'*' * len(sickbeard.PLEX_SERVER_PASSWORD)}" class="form-control input-sm input250" autocomplete="no" autocapitalize="off" />
<input
type="password" name="plex_server_password" id="plex_server_password"
value="${sickbeard.PLEX_SERVER_PASSWORD|hide}" class="form-control input-sm input250"
autocomplete="no" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down Expand Up @@ -431,7 +439,11 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="plex_client_password" id="plex_client_password" value="${'*' * len(sickbeard.PLEX_CLIENT_PASSWORD)}" class="form-control input-sm input250" autocomplete="no" autocapitalize="off" />
<input
type="password" name="plex_client_password" id="plex_client_password"
value="${sickbeard.PLEX_CLIENT_PASSWORD|hide}" class="form-control input-sm input250"
autocomplete="no" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down Expand Up @@ -1092,7 +1104,10 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="growl_password" id="growl_password" value="${sickbeard.GROWL_PASSWORD}" class="form-control input-sm input250" autocomplete="no" autocapitalize="off" />
<input
type="password" name="growl_password" id="growl_password" value="${sickbeard.GROWL_PASSWORD|hide}"
class="form-control input-sm input250" autocomplete="no" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down Expand Up @@ -3009,7 +3024,10 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" name="email_password" id="email_password" value="${sickbeard.EMAIL_PASSWORD}" class="form-control input-sm input250" autocomplete="no" autocapitalize="off" />
<input
type="password" name="email_password" id="email_password" value="${sickbeard.EMAIL_PASSWORD|hide}"
class="form-control input-sm input250" autocomplete="no" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down
32 changes: 18 additions & 14 deletions gui/slick/views/config_providers.mako
@@ -1,6 +1,7 @@
<%inherit file="/layouts/config.mako"/>
<%!
import sickbeard
from sickbeard.filters import hide
from sickbeard.helpers import anon_url
from sickrage.providers.GenericProvider import GenericProvider
%>
Expand Down Expand Up @@ -428,10 +429,11 @@
<label class="component-title">${_('Password')}</label>
</div>
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<input type="password" name="${curTorrentProvider.get_id()}_password"
id="${curTorrentProvider.get_id()}_password"
value="${curTorrentProvider.password | h}" class="form-control input-sm input350"
autocomplete="no" autocapitalize="off"/>
<input
type="password" name="${curTorrentProvider.get_id()}_password"
id="${curTorrentProvider.get_id()}_password" value="${curTorrentProvider.password|hide}"
class="form-control input-sm input350" autocomplete="no" autocapitalize="off"
/>
</div>
</div>
% endif
Expand All @@ -442,10 +444,10 @@
<label class="component-title">${_('Passkey')}</label>
</div>
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<input type="text" name="${curTorrentProvider.get_id()}_passkey"
id="${curTorrentProvider.get_id()}_passkey"
value="${curTorrentProvider.passkey}" class="form-control input-sm input350"
autocapitalize="off"/>
<input
type="text" name="${curTorrentProvider.get_id()}_passkey" id="${curTorrentProvider.get_id()}_passkey"
value="${curTorrentProvider.passkey|hide}" class="form-control input-sm input350" autocapitalize="off"
/>
</div>
</div>
% endif
Expand Down Expand Up @@ -484,10 +486,11 @@
<label class="component-title">${_('Pin')}</label>
</div>
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<input type="password" name="${curTorrentProvider.get_id()}_pin"
id="${curTorrentProvider.get_id()}_pin" value="${curTorrentProvider.pin}"
class="form-control input-sm input100" autocomplete="no"
autocapitalize="off"/>
<input
type="password" name="${curTorrentProvider.get_id()}_pin"
id="${curTorrentProvider.get_id()}_pin" value="${curTorrentProvider.pin|hide}"
class="form-control input-sm input100" autocomplete="no" autocapitalize="off"
/>
</div>
</div>
% endif
Expand Down Expand Up @@ -781,8 +784,9 @@
<div class="col-lg-9 col-md-8 col-sm-7 col-xs-12 component-desc">
<div class="row">
<div class="col-md-12">
<input type="password" id="newznab_key"
class="form-control input-sm input350" autocapitalize="off"/>
<input
type="password" id="newznab_key" class="form-control input-sm input350" autocapitalize="off"
/>
</div>
</div>
<div class="row">
Expand Down

0 comments on commit 8156a74

Please sign in to comment.