diff options
author | jim-p <jimp@pfsense.org> | 2011-05-12 10:45:30 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2011-05-12 10:45:30 -0400 |
commit | 1031c9ea7655ab64a513e3b168f70d672e30a733 (patch) | |
tree | a844f571c5d2e6eeff4b6e8d909c3315717cd42d | |
parent | a1bad14197056b186726180846103fa922a94df6 (diff) | |
download | pfsense-1031c9ea7655ab64a513e3b168f70d672e30a733.zip pfsense-1031c9ea7655ab64a513e3b168f70d672e30a733.tar.gz |
Make autocomplete on the login form optional.
-rw-r--r-- | etc/inc/authgui.inc | 3 | ||||
-rw-r--r-- | usr/local/www/system_advanced_admin.php | 20 |
2 files changed, 21 insertions, 2 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 9655d79..d64d1cc 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -226,8 +226,9 @@ if($config['virtualip']) $nifty_background = "#999"; print_info_box(gettext("You are accessing this router by an IP address not configured locally, which may be forwarded by NAT or other means. <br/><br/>If you did not setup this forwarding, you may be the target of a man-in-the-middle attack.")); } + $noautocomplete = isset($config['system']['webgui']['noautocomplete']) ? 'autocomplete="off"' : ''; ?> - <form id="iform" name="login_iform" method="post" action="<?=$_SERVER['SCRIPT_NAME'];?>"> + <form id="iform" name="login_iform" method="post" <?= $noautocomplete ?> action="<?=$_SERVER['SCRIPT_NAME'];?>"> <h1></h1> <div id="inputerrors"><?=$_SESSION['Login_Error'];?></div> <p> diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index 9f8b2d7..601bb8e 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -57,6 +57,7 @@ $pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']); $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); $pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); +$pconfig['noautocomplete'] = isset($config['system']['webgui']['noautocomplete']); $pconfig['althostnames'] = $config['system']['webgui']['althostnames']; $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['enablesshd'] = $config['system']['enablesshd']; @@ -152,6 +153,11 @@ if ($_POST) { else unset($config['system']['webgui']['nohttpreferercheck']); + if ($_POST['noautocomplete'] == "yes") + $config['system']['webgui']['noautocomplete'] = true; + else + unset($config['system']['webgui']['noautocomplete']); + if ($_POST['althostnames']) $config['system']['webgui']['althostnames'] = $_POST['althostnames']; else @@ -322,12 +328,24 @@ function prot_change() { <strong><?=gettext("Disable webConfigurator redirect rule"); ?></strong> <br/> <?php echo gettext("When this is unchecked, access to the webConfigurator " . - "is always permitted even on port 80, regardless of the listening port configured." . + "is always permitted even on port 80, regardless of the listening port configured. " . "Check this box to disable this automatically added redirect rule. "); ?> </td> </tr> <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("WebGUI Login Autocomplete"); ?></td> + <td width="78%" class="vtable"> + <input name="noautocomplete" type="checkbox" id="noautocomplete" value="yes" <?php if ($pconfig['noautocomplete']) echo "checked"; ?> /> + <strong><?=gettext("Disable webConfigurator login autocomplete"); ?></strong> + <br/> + <?php echo gettext("When this is unchecked, login credentials for the webConfigurator " . + "may be saved by the browser. While convenient, some security standards require this to be disabled. " . + "Check this box to disable autocomplete on the login form so that browsers will not prompt to save credentials (NOTE: Some browsers do not respect this option). "); + ?> + </td> + </tr> + <tr> <td width="22%" valign="top" class="vncell"><?=gettext("WebGUI login messages"); ?></td> <td width="78%" class="vtable"> <input name="quietlogin" type="checkbox" id="quietlogin" value="yes" <?php if ($pconfig['quietlogin']) echo "checked"; ?> /> |