vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README
commit 5af1799991e6d389853129fe2bc79b84815c454d
parent 8abd38573b8b185b6abcd26523df0be12c7cd74b
Author: Daniel García <dani-garcia@users.noreply.github.com>
Date:   Sun, 12 Feb 2023 18:39:54 +0100

Merge pull request #3145 from dlehammer/spell-jack_mitigation

"Spell-Jacking" mitigation ~ prevent sensitive data leak …
Diffstat:

Msrc/static/templates/admin/settings.hbs | 4++--


Msrc/static/templates/admin/users.hbs | 2+-


2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/static/templates/admin/settings.hbs b/src/static/templates/admin/settings.hbs
@@ -47,7 +47,7 @@
                             <div class="row my-2 align-items-center pt-3 border-top" title="Send a test email to given email address">
                                 <label for="smtp-test-email" class="col-sm-3 col-form-label">Test SMTP</label>
                                 <div class="col-sm-8 input-group">
-                                    <input class="form-control" id="smtp-test-email" type="email" placeholder="Enter test email" required>
+                                    <input class="form-control" id="smtp-test-email" type="email" placeholder="Enter test email" required spellcheck="false">
                                     <button type="button" class="btn btn-outline-primary input-group-text" id="smtpTest">Send test email</button>
                                     <div class="invalid-tooltip">Please provide a valid email address</div>
                                 </div>
@@ -85,7 +85,7 @@
                                     <input readonly class="form-control" id="input_{{name}}" type="password" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}}>
                                     <button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button>
                                 {{else}}
-                                    <input readonly class="form-control" id="input_{{name}}" type="{{type}}" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}}>
+                                    <input readonly class="form-control" id="input_{{name}}" type="{{type}}" value="{{value}}" {{#if default}} placeholder="Default: {{default}}" {{/if}} spellcheck="false">
                                     {{#case type "password"}}
                                     <button class="btn btn-outline-secondary" type="button" data-vw-pw-toggle="input_{{name}}">Show/hide</button>
                                     {{/case}}
diff --git a/src/static/templates/admin/users.hbs b/src/static/templates/admin/users.hbs
@@ -96,7 +96,7 @@
             <small>Email:</small>
 
             <form class="form-inline input-group w-50" id="inviteUserForm">
-                <input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required>
+                <input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required spellcheck="false">
                 <button type="submit" class="btn btn-primary">Invite</button>
             </form>
         </div>