ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Arun Patidar (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (OFBIZ-9471) Set autocomplete to off for all the password fields.
Date Sat, 08 Jul 2017 21:17:00 GMT

     [ https://issues.apache.org/jira/browse/OFBIZ-9471?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Arun Patidar closed OFBIZ-9471.
-------------------------------
       Resolution: Fixed
    Fix Version/s: Upcoming Release

Committed in plugin at revision 1801325
Committed in ofbiz-framework at revision 1801324

Thanks Ritesh Kumar for your contribution.



> Set autocomplete to off for all the password fields.
> ----------------------------------------------------
>
>                 Key: OFBIZ-9471
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9471
>             Project: OFBiz
>          Issue Type: Bug
>          Components: framework
>            Reporter: Ritesh Kumar
>            Assignee: Arun Patidar
>            Priority: Minor
>             Fix For: Upcoming Release
>
>         Attachments: OFBIZ-9471-FRAMEWORK.patch, OFBIZ-9471-PLUGIN.patch
>
>
> The login and Forget password screens have password inputs. It is a best practice to
disable autocomplete on the password field as it will avoid caching sensitive data on client
site (CC numbers) and avoid storing the password in an insecure and hackable client-site database.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message