From 1c523e212913cdb6fc2b0709af7f4c910d1728c8 Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Fri, 9 Oct 2020 09:32:30 +0200
Subject: [PATCH] Set appropriate `autocomplete` attributes on password fields
 (#13078)

`new-password` prevents annoying autocompletion in some cases, thought
it's not semantically correct to use that for example on all three
fields on the user account page, so some annoyances remain.

Co-authored-by: Lauris BH <lauris@nix.lv>
---
 templates/admin/auth/source/ldap.tmpl        | 2 +-
 templates/admin/user/edit.tmpl               | 2 +-
 templates/admin/user/new.tmpl                | 2 +-
 templates/install.tmpl                       | 4 ++--
 templates/org/settings/delete.tmpl           | 2 +-
 templates/repo/settings/options.tmpl         | 2 +-
 templates/user/auth/change_passwd_inner.tmpl | 4 ++--
 templates/user/auth/reset_passwd.tmpl        | 2 +-
 templates/user/auth/signin_inner.tmpl        | 2 +-
 templates/user/auth/signup_inner.tmpl        | 4 ++--
 templates/user/settings/account.tmpl         | 8 ++++----
 11 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/templates/admin/auth/source/ldap.tmpl b/templates/admin/auth/source/ldap.tmpl
index 651877b1f7..6feb202abb 100644
--- a/templates/admin/auth/source/ldap.tmpl
+++ b/templates/admin/auth/source/ldap.tmpl
@@ -27,7 +27,7 @@
 	<input class="fake" type="password">
 	<div class="ldap field {{if not (eq .type 2)}}hide{{end}}">
 		<label for="bind_password">{{.i18n.Tr "admin.auths.bind_password"}}</label>
-		<input id="bind_password" name="bind_password" type="password" value="{{.bind_password}}">
+		<input id="bind_password" name="bind_password" type="password" autocomplete="off" value="{{.bind_password}}">
 		<p class="help text red">{{.i18n.Tr "admin.auths.bind_password_helper"}}</p>
 	</div>
 	<div class="binddnrequired {{if (eq .type 2)}}required{{end}} field">
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 042c09954a..95323a97b2 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -43,7 +43,7 @@
 				<input class="fake" type="password">
 				<div class="local field {{if .Err_Password}}error{{end}} {{if not (or (.User.IsLocal) (.User.IsOAuth2))}}hide{{end}}">
 					<label for="password">{{.i18n.Tr "password"}}</label>
-					<input id="password" name="password" type="password">
+					<input id="password" name="password" type="password" autocomplete="new-password">
 					<p class="help">{{.i18n.Tr "admin.users.password_helper"}}</p>
 				</div>
 				<div class="field {{if .Err_Website}}error{{end}}">
diff --git a/templates/admin/user/new.tmpl b/templates/admin/user/new.tmpl
index 44cd0049b7..463374dab7 100644
--- a/templates/admin/user/new.tmpl
+++ b/templates/admin/user/new.tmpl
@@ -39,7 +39,7 @@
 				<input class="fake" type="password">
 				<div class="required local field {{if .Err_Password}}error{{end}} {{if not (eq .login_type "0-0")}}hide{{end}}">
 					<label for="password">{{.i18n.Tr "password"}}</label>
-					<input id="password" name="password" type="password" value="{{.password}}" {{if eq .login_type "0-0"}}required{{end}}>
+					<input id="password" name="password" type="password" autocomplete="new-password" value="{{.password}}" {{if eq .login_type "0-0"}}required{{end}}>
 				</div>
 
 				<div class="inline field local{{if ne .login_type "0-0"}} hide{{end}}">
diff --git a/templates/install.tmpl b/templates/install.tmpl
index 6dc5e58e4f..27cf1034c5 100644
--- a/templates/install.tmpl
+++ b/templates/install.tmpl
@@ -284,11 +284,11 @@
 							</div>
 							<div class="inline field {{if .Err_AdminPasswd}}error{{end}}">
 								<label for="admin_passwd">{{.i18n.Tr "install.admin_password"}}</label>
-								<input id="admin_passwd" name="admin_passwd" type="password" value="{{.admin_passwd}}">
+								<input id="admin_passwd" name="admin_passwd" type="password" autocomplete="new-password" value="{{.admin_passwd}}">
 							</div>
 							<div class="inline field {{if .Err_AdminPasswd}}error{{end}}">
 								<label for="admin_confirm_passwd">{{.i18n.Tr "install.confirm_password"}}</label>
-								<input id="admin_confirm_passwd" name="admin_confirm_passwd" type="password" value="{{.admin_confirm_passwd}}">
+								<input id="admin_confirm_passwd" name="admin_confirm_passwd" autocomplete="new-password" type="password" value="{{.admin_confirm_passwd}}">
 							</div>
 							<div class="inline field {{if .Err_AdminEmail}}error{{end}}">
 								<label for="admin_email">{{.i18n.Tr "install.admin_email"}}</label>
diff --git a/templates/org/settings/delete.tmpl b/templates/org/settings/delete.tmpl
index 2dd8fd8748..54d60f93f0 100644
--- a/templates/org/settings/delete.tmpl
+++ b/templates/org/settings/delete.tmpl
@@ -18,7 +18,7 @@
 						<input class="fake" type="password">
 						<div class="inline required field {{if .Err_Password}}error{{end}}">
 							<label for="password">{{.i18n.Tr "password"}}</label>
-							<input id="password" name="password" type="password" autofocus required>
+							<input id="password" name="password" type="password" autocomplete="off" autofocus required>
 						</div>
 						<div class="ui red button delete-button" data-type="form" data-form="#delete-form">
 							{{.i18n.Tr "org.settings.confirm_delete_account"}}
diff --git a/templates/repo/settings/options.tmpl b/templates/repo/settings/options.tmpl
index f238b1b0ce..ce76a6fefa 100644
--- a/templates/repo/settings/options.tmpl
+++ b/templates/repo/settings/options.tmpl
@@ -107,7 +107,7 @@
 							<input class="fake" type="password">
 							<div class="inline field {{if .Err_Auth}}error{{end}}">
 								<label for="mirror_password">{{.i18n.Tr "password"}}</label>
-								<input id="mirror_password" name="mirror_password" type="password" value="{{MirrorPassword .Mirror}}" {{if not .mirror_password}}data-need-clear="true"{{end}}>
+								<input id="mirror_password" name="mirror_password" type="password" value="{{MirrorPassword .Mirror}}" {{if not .mirror_password}}data-need-clear="true"{{end}} autocomplete="off">
 							</div>
 						</div>
 					</div>
diff --git a/templates/user/auth/change_passwd_inner.tmpl b/templates/user/auth/change_passwd_inner.tmpl
index 60d4a210ee..43818e93d2 100644
--- a/templates/user/auth/change_passwd_inner.tmpl
+++ b/templates/user/auth/change_passwd_inner.tmpl
@@ -9,13 +9,13 @@
 			{{.CsrfTokenHtml}}
 			<div class="required inline field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
 				<label for="password">{{.i18n.Tr "password"}}</label>
-				<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
+				<input id="password" name="password" type="password" value="{{.password}}" autocomplete="new-password" required>
 			</div>
 
 
 			<div class="required inline field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeRegister))}}error{{end}}">
 				<label for="retype">{{.i18n.Tr "re_type"}}</label>
-				<input id="retype" name="retype" type="password" autocomplete="off" required>
+				<input id="retype" name="retype" type="password" autocomplete="new-password" required>
 			</div>
 
 			<div class="inline field">
diff --git a/templates/user/auth/reset_passwd.tmpl b/templates/user/auth/reset_passwd.tmpl
index 91d5a5ef88..7d60fe4a86 100644
--- a/templates/user/auth/reset_passwd.tmpl
+++ b/templates/user/auth/reset_passwd.tmpl
@@ -19,7 +19,7 @@
 					{{if .IsResetForm}}
 						<div class="required inline field {{if .Err_Password}}error{{end}}">
 							<label for="password">{{.i18n.Tr "settings.new_password"}}</label>
-							<input id="password" name="password" type="password"  value="{{.password}}" autocomplete="off" autofocus required>
+							<input id="password" name="password" type="password"  value="{{.password}}" autocomplete="new-password" autofocus required>
 						</div>
 						{{if not .user_signed_in}}
 						<div class="inline field">
diff --git a/templates/user/auth/signin_inner.tmpl b/templates/user/auth/signin_inner.tmpl
index 9f6b3da05d..4d99d378ad 100644
--- a/templates/user/auth/signin_inner.tmpl
+++ b/templates/user/auth/signin_inner.tmpl
@@ -18,7 +18,7 @@
 			{{if or (not .DisablePassword) .LinkAccountMode}}
 			<div class="required inline field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
 				<label for="password">{{.i18n.Tr "password"}}</label>
-				<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
+				<input id="password" name="password" type="password" value="{{.password}}" autocomplete="current-password" required>
 			</div>
 			{{end}}
 			{{if not .LinkAccountMode}}
diff --git a/templates/user/auth/signup_inner.tmpl b/templates/user/auth/signup_inner.tmpl
index e52aa2e881..57dd22db4c 100644
--- a/templates/user/auth/signup_inner.tmpl
+++ b/templates/user/auth/signup_inner.tmpl
@@ -29,11 +29,11 @@
 						{{if not .DisablePassword}}
 							<div class="required inline field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeRegister))}}error{{end}}">
 								<label for="password">{{.i18n.Tr "password"}}</label>
-								<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
+								<input id="password" name="password" type="password" value="{{.password}}" autocomplete="new-password" required>
 							</div>
 							<div class="required inline field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeRegister))}}error{{end}}">
 								<label for="retype">{{.i18n.Tr "re_type"}}</label>
-								<input id="retype" name="retype" type="password" value="{{.retype}}" autocomplete="off" required>
+								<input id="retype" name="retype" type="password" value="{{.retype}}" autocomplete="new-password" required>
 							</div>
 						{{end}}
 						{{if and .EnableCaptcha (eq .CaptchaType "image")}}
diff --git a/templates/user/settings/account.tmpl b/templates/user/settings/account.tmpl
index 530e42a1b4..113e03cd9b 100644
--- a/templates/user/settings/account.tmpl
+++ b/templates/user/settings/account.tmpl
@@ -13,16 +13,16 @@
 				{{if .SignedUser.IsPasswordSet}}
 				<div class="required field {{if .Err_OldPassword}}error{{end}}">
 					<label for="old_password">{{.i18n.Tr "settings.old_password"}}</label>
-					<input id="old_password" name="old_password" type="password" autocomplete="off" autofocus required>
+					<input id="old_password" name="old_password" type="password" autocomplete="current-password" autofocus required>
 				</div>
 				{{end}}
 				<div class="required field {{if .Err_Password}}error{{end}}">
 					<label for="password">{{.i18n.Tr "settings.new_password"}}</label>
-					<input id="password" name="password" type="password" autocomplete="off" required>
+					<input id="password" name="password" type="password" autocomplete="new-password" required>
 				</div>
 				<div class="required field {{if .Err_Password}}error{{end}}">
 					<label for="retype">{{.i18n.Tr "settings.retype_new_password"}}</label>
-					<input id="retype" name="retype" type="password" autocomplete="off" required>
+					<input id="retype" name="retype" type="password" autocomplete="new-password" required>
 				</div>
 
 				<div class="field">
@@ -179,7 +179,7 @@
 				<input class="fake" type="password">
 				<div class="required field {{if .Err_Password}}error{{end}}">
 					<label for="password-confirmation">{{.i18n.Tr "password"}}</label>
-					<input id="password-confirmation" name="password" type="password" required>
+					<input id="password-confirmation" name="password" type="password" autocomplete="off" required>
 				</div>
 				<div class="field">
 					<div class="ui red button delete-button" id="delete-account" data-type="form" data-form="#delete-form">