Maximilian Meister wrote: % Hi, % % after the password strength meter went through, I have another enhancement % related to the password field. % On the edit user page, there are placeholders in the password fields. % The placeholders are plain *'s, so if I add some characters after % the placeholder % like [******<newchars>] my new password will contain the placeholder % instead % of my expectation [<oldpass><newchars>]. % That could lead to locking out of a user. % % This patch makes sure that you can't lock yourself out accidentally % like this.
Hello Maximilian, I think there's an easier way to do it in a plain html without new javascript file. If you replace <input type="password" name="desiredpassword" maxlength="32" value="******" class="form-control"> with <input type="password" name="desiredpassword" maxlength="32" placeholder="••••••" class="form-control"> (similar to e.g. search field on the page) there will be greyed out dots and user have to type whole password and can't submit placeholder string anymore. ('•' is unicode BULLET char U+2022.) Well, there's one more step needed - UserEditActionHelper class have to be updated to accept empty password as no change in password. What do you think about this? Regards, -- Michael Mráka Satellite Engineering, Red Hat _______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel