Pavel Djundik
parent
bae398235e
commit
f2ee299004
@ -3,11 +3,11 @@
|
|||||||
<img src="img/logo-vertical-transparent-bg-inverted.svg" class="logo-inverted" alt="The Lounge" width="256" height="170">
|
<img src="img/logo-vertical-transparent-bg-inverted.svg" class="logo-inverted" alt="The Lounge" width="256" height="170">
|
||||||
|
|
||||||
<label>Username</label>
|
<label>Username</label>
|
||||||
<input class="input" name="user" autocapitalize="none" autofocus>
|
<input class="input" type="text" name="user" autocapitalize="none" autocorrect="off" autocomplete="username" required autofocus>
|
||||||
|
|
||||||
<div class="password-container">
|
<div class="password-container">
|
||||||
<label>Password</label>
|
<label>Password</label>
|
||||||
<input class="input" type="password" name="password">
|
<input class="input" type="password" name="password" autocapitalize="none" autocorrect="off" autocomplete="current-password" required>
|
||||||
{{> ../reveal-password}}
|
{{> ../reveal-password}}
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|||||||
@ -245,7 +245,7 @@ function index(req, res, next) {
|
|||||||
|
|
||||||
const policies = [
|
const policies = [
|
||||||
"default-src 'none'", // default to nothing
|
"default-src 'none'", // default to nothing
|
||||||
"form-action 'none'", // no default-src fallback
|
"form-action 'self'", // 'self' to fix saving passwords in Firefox, even though login is handled in javascript
|
||||||
"connect-src 'self' ws: wss:", // allow self for polling; websockets
|
"connect-src 'self' ws: wss:", // allow self for polling; websockets
|
||||||
"style-src 'self' https: 'unsafe-inline'", // allow inline due to use in irc hex colors
|
"style-src 'self' https: 'unsafe-inline'", // allow inline due to use in irc hex colors
|
||||||
"script-src 'self'", // javascript
|
"script-src 'self'", // javascript
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user