Browse Source

Support Re-enabling CapturePasswords for Landing Pages (#1271)

Fixed a bug when marking the capture password, saving and unmarking the capture password, the attribute does not comeback and the password will never be captured again for this template.
pull/1272/head
Jordan Wright 2 years ago
committed by GitHub
parent
commit
7fd0657a91
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 4 deletions
  1. +9
    -0
      models/page.go
  2. +20
    -4
      models/page_test.go

+ 9
- 0
models/page.go View File

@ -46,6 +46,15 @@ func (p *Page) parseHTML() error {
input.RemoveAttr("name")
}
})
} else {
// If the user chooses to re-enable the capture passwords setting,
// we need to re-add the name attribute
inputs := f.Find("input")
inputs.Each(func(j int, input *goquery.Selection) {
if t, _ := input.Attr("type"); strings.EqualFold(t, "password") {
input.SetAttr("name", "password")
}
})
}
} else {
// Otherwise, remove the name from all

+ 20
- 4
models/page_test.go View File

@ -41,6 +41,7 @@ func (s *ModelsSuite) TestPostPage(c *check.C) {
c.Assert(ok, check.Equals, true)
c.Assert(u, check.Equals, "username")
})
// Check what happens when we don't capture passwords
p.CapturePasswords = false
p.HTML = html
@ -55,7 +56,7 @@ func (s *ModelsSuite) TestPostPage(c *check.C) {
// Check the action has been set
a, _ := f.Attr("action")
c.Assert(a, check.Equals, "")
// Check the password still has a name
// Check the password name has been removed
_, ok := f.Find("input[type=\"password\"]").Attr("name")
c.Assert(ok, check.Equals, false)
// Check the username is still correct
@ -63,7 +64,8 @@ func (s *ModelsSuite) TestPostPage(c *check.C) {
c.Assert(ok, check.Equals, true)
c.Assert(u, check.Equals, "username")
})
// Finally, check when we don't capture credentials
// Check when we don't capture credentials
p.CaptureCredentials = false
p.HTML = html
err = PutPage(&p)
@ -75,13 +77,27 @@ func (s *ModelsSuite) TestPostPage(c *check.C) {
// Check the action has been set
a, _ := f.Attr("action")
c.Assert(a, check.Equals, "")
// Check the password still has a name
// Check the password name has been removed
_, ok := f.Find("input[type=\"password\"]").Attr("name")
c.Assert(ok, check.Equals, false)
// Check the username is still correct
// Check the username name has been removed
_, ok = f.Find("input").Attr("name")
c.Assert(ok, check.Equals, false)
})
// Finally, re-enable capturing passwords (ref: #1267)
p.CaptureCredentials = true
p.CapturePasswords = true
err = PutPage(&p)
c.Assert(err, check.Equals, nil)
d, err = goquery.NewDocumentFromReader(strings.NewReader(p.HTML))
c.Assert(err, check.Equals, nil)
forms = d.Find("form")
forms.Each(func(i int, f *goquery.Selection) {
// Check the password still has a name
_, ok := f.Find("input[type=\"password\"]").Attr("name")
c.Assert(ok, check.Equals, true)
})
}
func (s *ModelsSuite) TestPageValidation(c *check.C) {

Loading…
Cancel
Save