You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is an attempt to fix#13500, where the user's browser was pre-filling the ldap_pword field to be "helpful", which meant every time they saved the LDAP settings, the ldap_pword field would be overwritten in the database to their own user password. Thanks, browser! Super helpful.
@Godmartinz - if this looks okay, can we try to apply this to your new LDAP livewire stuff? (We should also maybe add a new class to the CSS to make this part of our actual CSS, versus inlining it, as those in dark mode will have a white field that will look pretty jarring. A new class like hide-readonly or something.
This PR yoinks a lot of the functionality from the user edit/create page for largely the same reasons - before adding that, admins who were editing a user wouldn't notice that the browser filled in that field with the admin's password:
Implementation of better styling for password field
The password field on the LDAP settings page now looks readonly. This is a part of user interface design improvements to enhance user interaction with the form.
Deactivation of auto-complete feature in forms
The auto-complete attribute of the form set to 'off'. This change helps in increasing data security on the form, by preventing browsers from automatically suggesting previously entered information.
Addition of hidden input field for username
A new hidden input field was added carrying the username, which is derived either from the request parameter or from the user's actual username. This may not visible in the user interface but is important for back end processes.
Change in the structure of HTML elements
The structure of some HTML elements within a specific div (a block of content) on the form was modified to improve the website's overall layout and appearance.
Changing placeholder attribute values
The placeholder text that users see in the input fields for 'ldap_uname', 'ldap_pword', and 'ldaptest_password' have been updated. This modification means the users see more informative or accurate instructions or information before they enter the relevant data in these fields.
Added 'autocomplete' and 'onfocus' attributes to password input
The password input field not only disables autocompletion but also allows the readonly attribute to be removed upon the users focusing on that field. This means that the look of the field is readonly, but it allows typing when a user clicks to enter their password. This helps in improving data security and the usability operability with the password field.
Interestingly, I don't see the hidden input trick in the user's edit screen, but people haven't complained about it auto-filling recently, so I guess that's ok.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an attempt to fix #13500, where the user's browser was pre-filling the
ldap_pwordfield to be "helpful", which meant every time they saved the LDAP settings, theldap_pwordfield would be overwritten in the database to their own user password. Thanks, browser! Super helpful.@Godmartinz - if this looks okay, can we try to apply this to your new LDAP livewire stuff? (We should also maybe add a new class to the CSS to make this part of our actual CSS, versus inlining it, as those in dark mode will have a white field that will look pretty jarring. A new class like
hide-readonlyor something.This PR yoinks a lot of the functionality from the user edit/create page for largely the same reasons - before adding that, admins who were editing a user wouldn't notice that the browser filled in that field with the admin's password:
snipe-it/resources/views/users/edit.blade.php
Lines 27 to 31 in b93adf4
snipe-it/resources/views/users/edit.blade.php
Lines 153 to 163 in b93adf4