From 67da4c1b259e9d000535f35974cf12051c1c42b5 Mon Sep 17 00:00:00 2001 From: Dan Church Date: Sun, 23 Apr 2023 09:28:27 -0500 Subject: [PATCH] Set type="password" on all auth_token fields (#22175) Set `type="password"` on all `auth_token` fields Seen when migrating from other hosting platforms. 1. Prevents exposing the token to screen capture/cameras/eyeballs. 2. Prevents the browser from saving the value in its autocomplete dictionary, which often is not secure. ![exposed auth token](https://user-images.githubusercontent.com/615684/208541005-e2c9c6b0-3c6c-4a56-95d9-357b987aa0c8.png) Closes #22174 --------- Signed-off-by: Dan Church Co-authored-by: silverwind --- templates/repo/migrate/gitea.tmpl | 2 +- templates/repo/migrate/github.tmpl | 2 +- templates/repo/migrate/gitlab.tmpl | 2 +- templates/repo/migrate/gogs.tmpl | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/templates/repo/migrate/gitea.tmpl b/templates/repo/migrate/gitea.tmpl index ecbf89608..f1d4e4f06 100644 --- a/templates/repo/migrate/gitea.tmpl +++ b/templates/repo/migrate/gitea.tmpl @@ -20,7 +20,7 @@
- + {{svg "octicon-question"}}
diff --git a/templates/repo/migrate/github.tmpl b/templates/repo/migrate/github.tmpl index 63b5e83a2..c591f2a46 100644 --- a/templates/repo/migrate/github.tmpl +++ b/templates/repo/migrate/github.tmpl @@ -20,7 +20,7 @@
- + {{svg "octicon-question"}} {{.locale.Tr "repo.migrate.github_token_desc"}} diff --git a/templates/repo/migrate/gitlab.tmpl b/templates/repo/migrate/gitlab.tmpl index 946b7da37..65559da15 100644 --- a/templates/repo/migrate/gitlab.tmpl +++ b/templates/repo/migrate/gitlab.tmpl @@ -20,7 +20,7 @@
- + {{svg "octicon-question"}}
diff --git a/templates/repo/migrate/gogs.tmpl b/templates/repo/migrate/gogs.tmpl index 85dbce816..8bc57861a 100644 --- a/templates/repo/migrate/gogs.tmpl +++ b/templates/repo/migrate/gogs.tmpl @@ -20,7 +20,7 @@
- +