diff options
| author |  Inverle <inverle@proton.me>
| 2025-07-31 09:24:37 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2025-07-31 09:24:37 +0200 |
| commit | f85333e98adff296700e01ece8843aaf94694257 (patch) | |
| tree | c1c1a36a06f2d9fe824c3284757cd8761bd3f9d3 /p/scripts | |
| parent | 7a0c423357818b19eb431775452b1357bc7fd3eb (diff) | |
Require current password when setting new password (#7763)
* Require current password when setting new password
* i18n: fr
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Diffstat (limited to 'p/scripts')
| -rw-r--r-- | p/scripts/extra.js | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/p/scripts/extra.js b/p/scripts/extra.js index 41e79ec6a..c94d004ce 100644 --- a/p/scripts/extra.js +++ b/p/scripts/extra.js @@ -39,6 +39,19 @@ function init_crypto_form() { } crypto_form.onsubmit = function (e) { + let challenge = crypto_form.querySelector('#challenge'); + if (!challenge) { + crypto_form.querySelectorAll('[data-challenge-if-not-empty] input[type="password"]').forEach(el => { + if (el.value !== '' && !challenge) { + crypto_form.insertAdjacentHTML('beforeend', '<input type="hidden" id="challenge" name="challenge" />'); + challenge = crypto_form.querySelector('#challenge'); + } + }); + if (!challenge) { + return true; + } + } + e.preventDefault(); if (!submit_button) { @@ -64,7 +77,7 @@ function init_crypto_form() { const strong = window.Uint32Array && window.crypto && (typeof window.crypto.getRandomValues === 'function'); const s = bcrypt.hashSync(document.getElementById('passwordPlain').value, json.salt1); const c = bcrypt.hashSync(json.nonce + s, strong ? bcrypt.genSaltSync(4) : poormanSalt()); - document.getElementById('challenge').value = c; + challenge.value = c; if (!s || !c) { openNotification('Crypto error!', 'bad'); } else { |