Commit e5abfd15 authored by enured's avatar enured
Browse files

S13827: Added new font family to fake passwords. Using the font for...

S13827: Added new font family to fake passwords. Using the font for formelement password. At the end we dont use the input type password anymore. Best solution to prevent offers of user credentials from browser.
parent 9b6dd5b1
Pipeline #6921 failed with stage
in 1 minute and 47 seconds
......@@ -1482,21 +1482,25 @@ abstract class AbstractBuildForm {
} else {
$htmlTag = '<input';
if (!empty($formElement[FE_INPUT_TYPE])) {
$formElement[FE_TYPE] = $formElement[FE_INPUT_TYPE];
// TypeAhead tag elements needs to be hidden
if (HelperFormElement::booleParameter($formElement[FE_TYPEAHEAD_TAG] ?? '-')) {
$formElement[FE_TYPE] = 'hidden';
}
}
// If type password is selected then type text with own class will be taken to fake password over CSS
if($formElement[FE_TYPE] === 'password'){
$formElement[FE_TYPE] = 'text';
$class .= ' qfq-password';
}
$attribute .= HelperFormElement::getAttributeList($formElement, [FE_TYPE, 'size']);
$attribute .= Support::doAttribute('value', htmlentities($value), false);
// $attribute .= Support::doAttribute('value', htmlentities($value, ENT_QUOTES, 'UTF-8'), false);
}
// Set for password to give choice of generated password for user and not autofill password field
if($formElement[FE_TYPE] === 'password') {
$attribute .= Support::doAttribute('autocomplete', 'new-password');
}
// Set for password to give choice of generated password for user and not autofill password field. Deprecated, we dont use type password anymore.
// if($formElement[FE_TYPE] === 'password') {
// $attribute .= Support::doAttribute('autocomplete', 'new-password');
// }
$attribute .= HelperFormElement::getAttributeList($formElement, [FE_INPUT_AUTOCOMPLETE, 'autofocus', 'placeholder']);
......@@ -1547,10 +1551,10 @@ abstract class AbstractBuildForm {
$input .= $formElement[FE_INPUT_EXTRA_BUTTON_INFO];
}
//Generate an empty input type text to ignore autocomplete in other elements
if($formElement[FE_TYPE] === 'password'){
$input = '<input type="text" style="display:none;">'.$input;
}
//Generate an empty input type text to ignore autocomplete in other elements. deprecated because not using type password anymore.
// if($formElement[FE_TYPE] === 'password'){
// $input = '<input type="text" style="display:none;">'.$input;
// }
return $input;
}
......
......@@ -1345,3 +1345,14 @@ thead.qfq-sticky td {
.qfq-badge-inverse:hover {
background-color: #1a1a1a;
}
@font-face {
font-family: 'password';
font-style: normal;
font-weight: 400;
src: url(https://jsbin-user-assets.s3.amazonaws.com/rafaelcastrocouto/password.ttf);
}
input.qfq-password {
font-family: 'password';
}
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment