Révision 08f30320
Ajouté par Renato Botelho il y a presque 10 ans
etc/inc/authgui.inc | ||
---|---|---|
264 | 264 |
$nifty_background = "#999"; |
265 | 265 |
print_info_box(gettext("You are accessing this router by an IP address not configured locally, which may be forwarded by NAT or other means. <br /><br />If you did not setup this forwarding, you may be the target of a man-in-the-middle attack.")); |
266 | 266 |
} |
267 |
$noautocomplete = isset($config['system']['webgui']['noautocomplete']) ? 'autocomplete="off"' : '';
|
|
267 |
$loginautocomplete = isset($config['system']['webgui']['loginautocomplete']) ? '' : 'autocomplete="off"';
|
|
268 | 268 |
?> |
269 |
<form id="iform" name="iform" method="post" <?= $noautocomplete ?> action="<?=$_SERVER['SCRIPT_NAME'];?>">
|
|
269 |
<form id="iform" name="iform" method="post" <?= $loginautocomplete ?> action="<?=$_SERVER['SCRIPT_NAME'];?>">
|
|
270 | 270 |
<h1> </h1> |
271 | 271 |
<div id="inputerrors"><?=$_SESSION['Login_Error'];?></div> |
272 | 272 |
<p> |
etc/inc/globals.inc | ||
---|---|---|
73 | 73 |
"disablecrashreporter" => false, |
74 | 74 |
"crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php", |
75 | 75 |
"debug" => false, |
76 |
"latest_config" => "10.7",
|
|
76 |
"latest_config" => "10.8",
|
|
77 | 77 |
"nopkg_platforms" => array("cdrom"), |
78 | 78 |
"minimum_ram_warning" => "101", |
79 | 79 |
"minimum_ram_warning_text" => "128 MB", |
etc/inc/upgrade_config.inc | ||
---|---|---|
3333 | 3333 |
} |
3334 | 3334 |
} |
3335 | 3335 |
|
3336 |
function upgrade_107_to_108() { |
|
3337 |
global $config; |
|
3338 |
|
|
3339 |
if (isset($config['system']['webgui']['noautocomplete'])) |
|
3340 |
unset($config['system']['webgui']['noautocomplete']); |
|
3341 |
else |
|
3342 |
$config['system']['webgui']['loginautocomplete'] = true; |
|
3343 |
} |
|
3344 |
|
|
3336 | 3345 |
?> |
usr/local/www/system_advanced_admin.php | ||
---|---|---|
59 | 59 |
$pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); |
60 | 60 |
$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); |
61 | 61 |
$pconfig['beast_protection'] = isset($config['system']['webgui']['beast_protection']); |
62 |
$pconfig['noautocomplete'] = isset($config['system']['webgui']['noautocomplete']);
|
|
62 |
$pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']);
|
|
63 | 63 |
$pconfig['althostnames'] = $config['system']['webgui']['althostnames']; |
64 | 64 |
$pconfig['enableserial'] = $config['system']['enableserial']; |
65 | 65 |
$pconfig['serialspeed'] = $config['system']['serialspeed']; |
... | ... | |
178 | 178 |
else |
179 | 179 |
unset($config['system']['webgui']['beast_protection']); |
180 | 180 |
|
181 |
if ($_POST['noautocomplete'] == "yes")
|
|
182 |
$config['system']['webgui']['noautocomplete'] = true;
|
|
181 |
if ($_POST['loginautocomplete'] == "yes")
|
|
182 |
$config['system']['webgui']['loginautocomplete'] = true;
|
|
183 | 183 |
else |
184 |
unset($config['system']['webgui']['noautocomplete']);
|
|
184 |
unset($config['system']['webgui']['loginautocomplete']);
|
|
185 | 185 |
|
186 | 186 |
if ($_POST['althostnames']) |
187 | 187 |
$config['system']['webgui']['althostnames'] = $_POST['althostnames']; |
... | ... | |
404 | 404 |
<tr> |
405 | 405 |
<td width="22%" valign="top" class="vncell"><?=gettext("WebGUI Login Autocomplete"); ?></td> |
406 | 406 |
<td width="78%" class="vtable"> |
407 |
<input name="noautocomplete" type="checkbox" id="noautocomplete" value="yes" <?php if ($pconfig['noautocomplete']) echo "checked=\"checked\""; ?> />
|
|
408 |
<strong><?=gettext("Disable webConfigurator login autocomplete"); ?></strong>
|
|
407 |
<input name="loginautocomplete" type="checkbox" id="loginautocomplete" value="yes" <?php if ($pconfig['loginautocomplete']) echo "checked=\"checked\""; ?> />
|
|
408 |
<strong><?=gettext("Enable webConfigurator login autocomplete"); ?></strong>
|
|
409 | 409 |
<br /> |
410 |
<?php echo gettext("When this is unchecked, login credentials for the webConfigurator " .
|
|
410 |
<?php echo gettext("When this is checked, login credentials for the webConfigurator " . |
|
411 | 411 |
"may be saved by the browser. While convenient, some security standards require this to be disabled. " . |
412 |
"Check this box to disable autocomplete on the login form so that browsers will not prompt to save credentials (NOTE: Some browsers do not respect this option). ");
|
|
412 |
"Check this box to enable autocomplete on the login form so that browsers will prompt to save credentials (NOTE: Some browsers do not respect this option). ");
|
|
413 | 413 |
?> |
414 | 414 |
</td> |
415 | 415 |
</tr> |
Formats disponibles : Unified diff
Change the option for webconfig login autocomplete from opt-in to opt-out, also bump config version and write a function to keep the current status on upgrades