Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login page: do not retain credentials #38

Open
boly38 opened this issue Sep 28, 2022 · 0 comments
Open

Login page: do not retain credentials #38

boly38 opened this issue Sep 28, 2022 · 0 comments
Labels
security

Comments

@boly38
Copy link

boly38 commented Sep 28, 2022
edited

Hi

On login page we set some sensible credentials (ex. db access).
image

As php gui user, I dont want that the browser retains form value for this field. I dont want autocomplete. I dont want to be able to retrieve mongodb url from my previous access.

Technically, the input may have autocomplete="off" or type=password somewhere .. to dig.

Please notice that this issue is not the opposite of #37 but independant enhancement. This issue drives the "default browser behavior". At the end, if the user want to store some information, this is a choice that should not be forced.

This is a security issue.
Thanks
Regards
@SamuelTallet SamuelTallet changed the title Login page : do not retains credentials Login page: do not retain credentials Jul 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@boly38 @SamuelTallet