diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-06-18 08:21:27 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-06-18 08:21:27 -0300 |
commit | 08f303203418306290d8393f0a77fcba4fab70d5 (patch) | |
tree | bc7b04f25cb56e5b0af17affb79fb82da0c8aafc | |
parent | 16789caa901f2415da67b10ba6da9eb19e870de8 (diff) | |
download | pfsense-08f303203418306290d8393f0a77fcba4fab70d5.zip pfsense-08f303203418306290d8393f0a77fcba4fab70d5.tar.gz |
Change the option for webconfig login autocomplete from opt-in to opt-out, also bump config version and write a function to keep the current status on upgrades
-rw-r--r-- | etc/inc/authgui.inc | 4 | ||||
-rw-r--r-- | etc/inc/globals.inc | 2 | ||||
-rw-r--r-- | etc/inc/upgrade_config.inc | 9 | ||||
-rw-r--r-- | usr/local/www/system_advanced_admin.php | 16 |
4 files changed, 20 insertions, 11 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 11d4d45..cda6ef3 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -264,9 +264,9 @@ $have_cookies = isset($_COOKIE["cookie_test"]); $nifty_background = "#999"; print_info_box(gettext("You are accessing this router by an IP address not configured locally, which may be forwarded by NAT or other means. <br /><br />If you did not setup this forwarding, you may be the target of a man-in-the-middle attack.")); } - $noautocomplete = isset($config['system']['webgui']['noautocomplete']) ? 'autocomplete="off"' : ''; + $loginautocomplete = isset($config['system']['webgui']['loginautocomplete']) ? '' : 'autocomplete="off"'; ?> - <form id="iform" name="iform" method="post" <?= $noautocomplete ?> action="<?=$_SERVER['SCRIPT_NAME'];?>"> + <form id="iform" name="iform" method="post" <?= $loginautocomplete ?> action="<?=$_SERVER['SCRIPT_NAME'];?>"> <h1> </h1> <div id="inputerrors"><?=$_SESSION['Login_Error'];?></div> <p> diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 4127050..e34a681 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -73,7 +73,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "10.7", + "latest_config" => "10.8", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index c33deb1..7bf5505 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -3333,4 +3333,13 @@ function upgrade_106_to_107() { } } +function upgrade_107_to_108() { + global $config; + + if (isset($config['system']['webgui']['noautocomplete'])) + unset($config['system']['webgui']['noautocomplete']); + else + $config['system']['webgui']['loginautocomplete'] = true; +} + ?> diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index b9874c5..d9fd453 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -59,7 +59,7 @@ $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); $pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); $pconfig['beast_protection'] = isset($config['system']['webgui']['beast_protection']); -$pconfig['noautocomplete'] = isset($config['system']['webgui']['noautocomplete']); +$pconfig['loginautocomplete'] = isset($config['system']['webgui']['loginautocomplete']); $pconfig['althostnames'] = $config['system']['webgui']['althostnames']; $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['serialspeed'] = $config['system']['serialspeed']; @@ -178,10 +178,10 @@ if ($_POST) { else unset($config['system']['webgui']['beast_protection']); - if ($_POST['noautocomplete'] == "yes") - $config['system']['webgui']['noautocomplete'] = true; + if ($_POST['loginautocomplete'] == "yes") + $config['system']['webgui']['loginautocomplete'] = true; else - unset($config['system']['webgui']['noautocomplete']); + unset($config['system']['webgui']['loginautocomplete']); if ($_POST['althostnames']) $config['system']['webgui']['althostnames'] = $_POST['althostnames']; @@ -404,12 +404,12 @@ function prot_change() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("WebGUI Login Autocomplete"); ?></td> <td width="78%" class="vtable"> - <input name="noautocomplete" type="checkbox" id="noautocomplete" value="yes" <?php if ($pconfig['noautocomplete']) echo "checked=\"checked\""; ?> /> - <strong><?=gettext("Disable webConfigurator login autocomplete"); ?></strong> + <input name="loginautocomplete" type="checkbox" id="loginautocomplete" value="yes" <?php if ($pconfig['loginautocomplete']) echo "checked=\"checked\""; ?> /> + <strong><?=gettext("Enable webConfigurator login autocomplete"); ?></strong> <br /> - <?php echo gettext("When this is unchecked, login credentials for the webConfigurator " . + <?php echo gettext("When this is checked, login credentials for the webConfigurator " . "may be saved by the browser. While convenient, some security standards require this to be disabled. " . - "Check this box to disable autocomplete on the login form so that browsers will not prompt to save credentials (NOTE: Some browsers do not respect this option). "); + "Check this box to enable autocomplete on the login form so that browsers will prompt to save credentials (NOTE: Some browsers do not respect this option). "); ?> </td> </tr> |