diff options
| author |  Inverle <inverle@proton.me>
| 2025-09-30 10:12:15 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2025-09-30 10:12:15 +0200 |
| commit | bf6e634e042b726edd97335ac36b2305f8101b3f (patch) | |
| tree | 198e611004216d6f59e368989fc70d5e722a25ef /app/Controllers | |
| parent | 34532c0dd49f825ca4f265db9dec446ec0ecd34f (diff) | |
Fix autocomplete issues in change password form (#7812)
## Screenshots
<details>
<summary>Before</summary>
<img width="773" height="652" alt="image" src="https://github.com/user-attachments/assets/89a0e58c-8c4a-41ff-b5d6-3e916079d563" />
</details>
<details>
<summary>After</summary>
<img width="1006" height="646" alt="image" src="https://github.com/user-attachments/assets/f4575103-7365-4870-a170-2742bf10eb27" />
</details>
This is an example on Firefox, where the `Master authentication token` field was incorrectly being autofilled.
Red borders are indicating that the fields are required.
## List of changes
* `required="required"` is now being added to the password fields if the section is open
* The `challenge` field is being added if section is open instead of when at least one of the password fields isn't empty due to autocomplete
* Added `autocomplete="new-password"` on fields that shouldn't be autocompleted
* Unfortunately Chrome requires a workaround with CSS
* Not tested on Safari yet
* User will be redirected to profile page after successfully changing their password instead of index page
## How to test
Autocomplete related changes should be tested on a HTTPS page with saved credentials for FreshRSS
Diffstat (limited to 'app/Controllers')
| -rw-r--r-- | app/Controllers/userController.php | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php index e71c8aaa0..f3db70c3a 100644 --- a/app/Controllers/userController.php +++ b/app/Controllers/userController.php @@ -180,10 +180,8 @@ class FreshRSS_user_Controller extends FreshRSS_ActionController { if ($ok) { if (FreshRSS_Context::systemConf()->force_email_validation && $email !== $old_email) { Minz_Request::good(_t('feedback.profile.updated'), ['c' => 'user', 'a' => 'validateEmail']); - } elseif ($newPasswordPlain == '') { - Minz_Request::good(_t('feedback.profile.updated'), ['c' => 'user', 'a' => 'profile']); } else { - Minz_Request::good(_t('feedback.profile.updated'), ['c' => 'index', 'a' => 'index']); + Minz_Request::good(_t('feedback.profile.updated'), ['c' => 'user', 'a' => 'profile']); } } else { Minz_Request::bad(_t('feedback.profile.error'), ['c' => 'user', 'a' => 'profile']); |