From c86c61c9a4134b25e2e3140e4f01e3b49649b207 Mon Sep 17 00:00:00 2001 From: evazion Date: Fri, 10 Jan 2020 16:08:34 -0600 Subject: [PATCH] Fix #4162: Remove browser autocomplete from most inputs. --- app/helpers/application_helper.rb | 5 +++++ app/views/admin/users/edit.html.erb | 2 +- app/views/artists/_form.html.erb | 2 +- app/views/bans/_form.html.erb | 2 +- app/views/bans/edit.html.erb | 2 +- app/views/bulk_update_requests/_form.html.erb | 2 +- app/views/comments/_form.html.erb | 2 +- app/views/dmails/_form.html.erb | 2 +- app/views/favorite_group_orders/edit.html.erb | 2 +- app/views/favorite_groups/edit.html.erb | 2 +- app/views/favorite_groups/new.html.erb | 2 +- app/views/forum_posts/partials/edit/_form.html.erb | 2 +- app/views/forum_posts/partials/new/_form.html.erb | 2 +- app/views/forum_topics/_form.html.erb | 2 +- app/views/ip_bans/new.html.erb | 2 +- app/views/maintenance/user/api_keys/show.html.erb | 2 +- app/views/maintenance/user/dmail_filters/edit.html.erb | 2 +- app/views/maintenance/user/passwords/edit.html.erb | 2 +- app/views/moderator/tags/edit.html.erb | 2 +- app/views/news_updates/edit.html.erb | 2 +- app/views/news_updates/new.html.erb | 2 +- app/views/pool_orders/edit.html.erb | 2 +- app/views/pools/edit.html.erb | 2 +- app/views/pools/new.html.erb | 2 +- app/views/post_appeals/_new.html.erb | 2 +- .../post_disapprovals/_detailed_rejection_dialog.html.erb | 2 +- app/views/post_flags/_new.html.erb | 2 +- app/views/post_replacements/_new.html.erb | 2 +- app/views/posts/partials/show/_edit.html.erb | 2 +- app/views/saved_searches/_interface.html.erb | 2 +- app/views/saved_searches/edit.html.erb | 2 +- app/views/tag_aliases/edit.html.erb | 2 +- app/views/tag_implications/edit.html.erb | 2 +- app/views/tags/edit.html.erb | 2 +- app/views/uploads/new.html.erb | 2 +- app/views/user_feedbacks/edit.html.erb | 2 +- app/views/user_feedbacks/new.html.erb | 2 +- app/views/user_name_change_requests/new.html.erb | 2 +- app/views/users/edit.html.erb | 2 +- app/views/users/new.html.erb | 2 +- app/views/wiki_pages/_form.html.erb | 2 +- app/views/wiki_pages/new.html.erb | 2 +- 42 files changed, 46 insertions(+), 41 deletions(-) diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 74127c8b5..3a92f76e6 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -197,6 +197,11 @@ module ApplicationHelper simple_form_for(:search, method: method, url: url, defaults: defaults, html: html_options, &block) end + def edit_form_for(model, **options, &block) + options[:html] = { autocomplete: "off", **options[:html].to_h } + simple_form_for(model, **options, &block) + end + def table_for(*options, &block) table = TableBuilder.new(*options, &block) render "table_builder/table", table: table diff --git a/app/views/admin/users/edit.html.erb b/app/views/admin/users/edit.html.erb index caad5eef8..38a08c915 100644 --- a/app/views/admin/users/edit.html.erb +++ b/app/views/admin/users/edit.html.erb @@ -2,7 +2,7 @@

Edit User: <%= @user.name %>

- <%= simple_form_for(@user, url: admin_user_path(@user), method: :put) do |f| %> + <%= edit_form_for(@user, url: admin_user_path(@user)) do |f| %> <%= f.input :level, collection: User.level_hash.to_a, selected: @user.level %> <%= f.input :can_upload_free, label: "Unrestricted Uploads", as: :boolean, selected: @user.can_upload_free %> <%= f.input :can_approve_posts, label: "Approve Posts", as: :boolean, selected: @user.can_approve_posts %> diff --git a/app/views/artists/_form.html.erb b/app/views/artists/_form.html.erb index 39d4956c2..2c85d743e 100644 --- a/app/views/artists/_form.html.erb +++ b/app/views/artists/_form.html.erb @@ -1,4 +1,4 @@ -<%= simple_form_for(@artist) do |f| %> +<%= edit_form_for(@artist) do |f| %> <% if @artist.new_record? %> <%= f.input :name, as: :string, input_html: { data: { autocomplete: "tag" } } %> <% else %> diff --git a/app/views/bans/_form.html.erb b/app/views/bans/_form.html.erb index 5bd4d952b..5667aa73f 100644 --- a/app/views/bans/_form.html.erb +++ b/app/views/bans/_form.html.erb @@ -1,4 +1,4 @@ -<%= simple_form_for(ban) do |f| %> +<%= edit_form_for(ban) do |f| %> <%= error_messages_for("ban") %> <%= f.input :user_name, :as => :string, :input_html => { data: { autocomplete: "user" } } %> diff --git a/app/views/bans/edit.html.erb b/app/views/bans/edit.html.erb index 553291a1a..11cfdd309 100644 --- a/app/views/bans/edit.html.erb +++ b/app/views/bans/edit.html.erb @@ -2,7 +2,7 @@

Edit Ban

- <%= simple_form_for(@ban) do |f| %> + <%= edit_form_for(@ban) do |f| %> <%= error_messages_for("ban") %> <%= f.input :duration, :hint => "in days" %> diff --git a/app/views/bulk_update_requests/_form.html.erb b/app/views/bulk_update_requests/_form.html.erb index 2689e1592..899737d41 100644 --- a/app/views/bulk_update_requests/_form.html.erb +++ b/app/views/bulk_update_requests/_form.html.erb @@ -1,4 +1,4 @@ -<%= simple_form_for(@bulk_update_request) do |f| %> +<%= edit_form_for(@bulk_update_request) do |f| %> <%= error_messages_for("bulk_update_request") %>

diff --git a/app/views/comments/_form.html.erb b/app/views/comments/_form.html.erb index e64ee90f1..36ddea864 100644 --- a/app/views/comments/_form.html.erb +++ b/app/views/comments/_form.html.erb @@ -1,6 +1,6 @@ <%= error_messages_for :comment %> -<%= simple_form_for(comment, :html => {:style => ("display: none;" if local_assigns[:hidden]), :class => "edit_comment"}) do |f| %> +<%= edit_form_for(comment, html: { style: ("display: none;" if local_assigns[:hidden]), class: "edit_comment" }) do |f| %> <%= f.hidden_field :post_id %> <%= dtext_field "comment", "body", :classes => "autocomplete-mentions", :value => comment.body, :input_id => "comment_body_for_#{comment.id}", :preview_id => "dtext-preview-for-#{comment.id}" %> <%= f.button :submit, "Submit" %> diff --git a/app/views/dmails/_form.html.erb b/app/views/dmails/_form.html.erb index 527a10c26..f3efb498c 100644 --- a/app/views/dmails/_form.html.erb +++ b/app/views/dmails/_form.html.erb @@ -1,4 +1,4 @@ -<%= simple_form_for(dmail) do |f| %> +<%= edit_form_for(dmail) do |f| %> <%= f.input :to_name, :label => "To", :input_html => { value: dmail.to.try(:name), data: { autocomplete: "user" } } %> <%= f.input :title, :as => :string %> <%= dtext_field "dmail", "body" %> diff --git a/app/views/favorite_group_orders/edit.html.erb b/app/views/favorite_group_orders/edit.html.erb index eaafa2042..d3a3099a2 100644 --- a/app/views/favorite_group_orders/edit.html.erb +++ b/app/views/favorite_group_orders/edit.html.erb @@ -13,7 +13,7 @@ <% end %> - <%= simple_form_for(@favorite_group, :format => :js, :html => {:id => "ordering-form"}) do |f| %> + <%= edit_form_for(@favorite_group, :format => :js, :html => {:id => "ordering-form"}) do |f| %> <%= submit_tag "Save" %> <% end %>

diff --git a/app/views/favorite_groups/edit.html.erb b/app/views/favorite_groups/edit.html.erb index 3b4351b12..e9adcf5d6 100644 --- a/app/views/favorite_groups/edit.html.erb +++ b/app/views/favorite_groups/edit.html.erb @@ -4,7 +4,7 @@ <%= error_messages_for "favorite_group" %> - <%= simple_form_for(@favorite_group) do |f| %> + <%= edit_form_for(@favorite_group) do |f| %> <%= f.input :name, :as => :string, :input_html => { :value => @favorite_group.pretty_name } %> <%= f.input :post_ids, :label => "Posts" %> <%= f.input :is_public %> diff --git a/app/views/favorite_groups/new.html.erb b/app/views/favorite_groups/new.html.erb index 8fa1f6833..9d1f6c506 100644 --- a/app/views/favorite_groups/new.html.erb +++ b/app/views/favorite_groups/new.html.erb @@ -4,7 +4,7 @@ <%= error_messages_for "favorite_group" %> - <%= simple_form_for(@favorite_group) do |f| %> + <%= edit_form_for(@favorite_group) do |f| %> <%= f.input :name, :as => :string, :required => true %> <%= f.input :post_ids, :label => "Posts" %> <%= f.button :submit, "Submit" %> diff --git a/app/views/forum_posts/partials/edit/_form.html.erb b/app/views/forum_posts/partials/edit/_form.html.erb index 5cc5f49b2..617219d23 100644 --- a/app/views/forum_posts/partials/edit/_form.html.erb +++ b/app/views/forum_posts/partials/edit/_form.html.erb @@ -1,6 +1,6 @@ <%= error_messages_for("forum_post") %> -<%= simple_form_for(forum_post) do |f| %> +<%= edit_form_for(forum_post) do |f| %> <%= dtext_field "forum_post", "body", :value => forum_post.body, :classes => "autocomplete-mentions", :input_id => "forum_post_body_for_#{forum_post.id}", :preview_id => "dtext-preview-for-#{forum_post.id}" %> <%= f.button :submit, "Submit" %> diff --git a/app/views/forum_posts/partials/new/_form.html.erb b/app/views/forum_posts/partials/new/_form.html.erb index 73789fde4..874910c4f 100644 --- a/app/views/forum_posts/partials/new/_form.html.erb +++ b/app/views/forum_posts/partials/new/_form.html.erb @@ -1,6 +1,6 @@ <%= error_messages_for("forum_post") %> -<%= simple_form_for(forum_post) do |f| %> +<%= edit_form_for(forum_post) do |f| %> <% if @forum_topic %> <%= f.input :topic_id, :as => :hidden %> <% else %> diff --git a/app/views/forum_topics/_form.html.erb b/app/views/forum_topics/_form.html.erb index 1eb18777b..a2ec14166 100644 --- a/app/views/forum_topics/_form.html.erb +++ b/app/views/forum_topics/_form.html.erb @@ -1,7 +1,7 @@ <%= error_messages_for("forum_topic") %>
- <%= simple_form_for(forum_topic) do |f| %> + <%= edit_form_for(forum_topic) do |f| %> <%= f.input :title %>
diff --git a/app/views/ip_bans/new.html.erb b/app/views/ip_bans/new.html.erb index a0219ea8a..6aa520479 100644 --- a/app/views/ip_bans/new.html.erb +++ b/app/views/ip_bans/new.html.erb @@ -4,7 +4,7 @@ <%= error_messages_for "ip_ban" %> - <%= simple_form_for(@ip_ban) do |f| %> + <%= edit_form_for(@ip_ban) do |f| %> <%= f.input :ip_addr, label: "IP Address", as: :string, hint: "Add /24 to ban a subnet. Example: 1.2.3.4/24" %> <%= f.input :reason %> <%= f.button :submit, "Submit" %> diff --git a/app/views/maintenance/user/api_keys/show.html.erb b/app/views/maintenance/user/api_keys/show.html.erb index 802b65073..36873ae2c 100644 --- a/app/views/maintenance/user/api_keys/show.html.erb +++ b/app/views/maintenance/user/api_keys/show.html.erb @@ -3,7 +3,7 @@

API Key

You must re-enter your password to view or change your API key.

- <%= simple_form_for CurrentUser.user, url: view_user_api_key_path(CurrentUser.user), method: :post do |f| %> + <%= edit_form_for CurrentUser.user, url: view_user_api_key_path(CurrentUser.user), method: :post do |f| %> <%= f.input :password, :as => :password, :input_html => {:autocomplete => "off"} %> <%= f.button :submit, "Submit" %> <% end %> diff --git a/app/views/maintenance/user/dmail_filters/edit.html.erb b/app/views/maintenance/user/dmail_filters/edit.html.erb index 1a0644c67..8a4149790 100644 --- a/app/views/maintenance/user/dmail_filters/edit.html.erb +++ b/app/views/maintenance/user/dmail_filters/edit.html.erb @@ -17,7 +17,7 @@
- <%= simple_form_for @dmail_filter, :url => maintenance_user_dmail_filter_path(:dmail_id => @dmail.id), :method => :put do |f| %> + <%= edit_form_for @dmail_filter, :url => maintenance_user_dmail_filter_path(:dmail_id => @dmail.id) do |f| %>
<%= text_area_tag "dmail_filter[words]", @dmail_filter.words, :id => "dmail_filter_words", :class => "text", :style => "height: 10em;" %> diff --git a/app/views/maintenance/user/passwords/edit.html.erb b/app/views/maintenance/user/passwords/edit.html.erb index 3448d4d4e..dc7856c78 100644 --- a/app/views/maintenance/user/passwords/edit.html.erb +++ b/app/views/maintenance/user/passwords/edit.html.erb @@ -2,7 +2,7 @@

Change Password

- <%= simple_form_for @user do |f| %> + <%= edit_form_for @user do |f| %> <%= f.input :old_password, :as => :password, :input_html => {:autocomplete => "off"} %> <%= f.input :password, :label => "New password", :input_html => {:autocomplete => "off"} %> <%= f.button :submit, "Submit" %> diff --git a/app/views/moderator/tags/edit.html.erb b/app/views/moderator/tags/edit.html.erb index 54de9a314..ffe0fe7b2 100644 --- a/app/views/moderator/tags/edit.html.erb +++ b/app/views/moderator/tags/edit.html.erb @@ -2,7 +2,7 @@

Mass Edit

- <%= simple_form_for(:tag, url: moderator_tag_path, method: :put) do |f| %> + <%= edit_form_for(:tag, url: moderator_tag_path, method: :put) do |f| %> <%= f.input :antecedent, input_html: { value: params[:antecedent], "data-autocomplete": "tag-query" } %> <%= f.input :consequent, input_html: { value: params[:consequent], "data-autocomplete": "tag-edit" } %> <%= f.submit "Submit" %> diff --git a/app/views/news_updates/edit.html.erb b/app/views/news_updates/edit.html.erb index 08338987c..8f9819322 100644 --- a/app/views/news_updates/edit.html.erb +++ b/app/views/news_updates/edit.html.erb @@ -2,7 +2,7 @@

Edit Update

- <%= simple_form_for(@news_update) do |f| %> + <%= edit_form_for(@news_update) do |f| %> <%= f.input :message, :hint => "Use HTML for formatting", :input_html => {:size => "30x5"} %> <%= f.button :submit, "Submit" %> <% end %> diff --git a/app/views/news_updates/new.html.erb b/app/views/news_updates/new.html.erb index 171d24549..b0f0e64de 100644 --- a/app/views/news_updates/new.html.erb +++ b/app/views/news_updates/new.html.erb @@ -2,7 +2,7 @@

New Update

- <%= simple_form_for(@news_update) do |f| %> + <%= edit_form_for(@news_update) do |f| %> <%= f.input :message, :hint => "Use HTML for formatting", :input_html => {:size => "30x5"} %> <%= f.button :submit, "Submit" %> <% end %> diff --git a/app/views/pool_orders/edit.html.erb b/app/views/pool_orders/edit.html.erb index b31be6a06..d62070a82 100644 --- a/app/views/pool_orders/edit.html.erb +++ b/app/views/pool_orders/edit.html.erb @@ -2,7 +2,7 @@

Order Pool: <%= @pool.pretty_name %>

- <%= simple_form_for(@pool, format: :js, html: { id: "ordering-form" }) do |f| %> + <%= edit_form_for(@pool, format: :js, html: { id: "ordering-form" }) do |f| %> <% if @pool.post_count <= Pool::POOL_ORDER_LIMIT %>

Drag and drop the list below to determine ordering.

diff --git a/app/views/pools/edit.html.erb b/app/views/pools/edit.html.erb index e2a7f718b..053fa2e4c 100644 --- a/app/views/pools/edit.html.erb +++ b/app/views/pools/edit.html.erb @@ -1,6 +1,6 @@
- <%= simple_form_for(@pool) do |f| %> + <%= edit_form_for(@pool) do |f| %>

Edit Pool: <%= @pool.pretty_name %>

<%= error_messages_for "pool" %> diff --git a/app/views/pools/new.html.erb b/app/views/pools/new.html.erb index 0f31f9b92..ae2338ce2 100644 --- a/app/views/pools/new.html.erb +++ b/app/views/pools/new.html.erb @@ -4,7 +4,7 @@

Before creating a pool, read the <%= link_to "pool guidelines", wiki_page_path(:id => "howto:pools") %>.

- <%= simple_form_for(@pool) do |f| %> + <%= edit_form_for(@pool) do |f| %> <%= f.input :name, :as => :string, :required => true %> <%= dtext_field "pool", "description" %> <%= f.input :post_ids_string, as: :text, label: "Posts" %> diff --git a/app/views/post_appeals/_new.html.erb b/app/views/post_appeals/_new.html.erb index b652c1d08..3bce7ef08 100644 --- a/app/views/post_appeals/_new.html.erb +++ b/app/views/post_appeals/_new.html.erb @@ -5,7 +5,7 @@ <%# XXX dtext_field expects there to be a `post_appeal` instance variable. %> <% @post_appeal = post_appeal %> - <%= simple_form_for(@post_appeal, format: :js, remote: true) do |f| %> + <%= edit_form_for(@post_appeal, format: :js, remote: true) do |f| %> <%= f.hidden_field :post_id %> <%= dtext_field "post_appeal", "reason", preview_id: "dtext-preview-for-post-appeal", type: "string" %> <%= dtext_preview_button "post_appeal", "reason", preview_id: "dtext-preview-for-post-appeal" %> diff --git a/app/views/post_disapprovals/_detailed_rejection_dialog.html.erb b/app/views/post_disapprovals/_detailed_rejection_dialog.html.erb index 4e1462359..3da4fb3a3 100644 --- a/app/views/post_disapprovals/_detailed_rejection_dialog.html.erb +++ b/app/views/post_disapprovals/_detailed_rejection_dialog.html.erb @@ -1,7 +1,7 @@ - <%= simple_form_for(post_replacement, url: post_replacements_path(post_id: post_replacement.post_id), method: :post) do |f| %> + <%= edit_form_for(post_replacement, url: post_replacements_path(post_id: post_replacement.post_id), method: :post) do |f| %> <%= f.input :replacement_file, label: "File", as: :file %> <%= f.input :replacement_url, label: "Replacement URL", hint: "The source URL to download the replacement from.", as: :string, input_html: { value: post_replacement.post.normalized_source } %> <%= f.input :final_source, label: "Final Source", hint: "If present, the source field will be changed to this after replacement.", as: :string, input_html: { value: post_replacement.post.source } %> diff --git a/app/views/posts/partials/show/_edit.html.erb b/app/views/posts/partials/show/_edit.html.erb index 65ebb9c7b..683124e7e 100644 --- a/app/views/posts/partials/show/_edit.html.erb +++ b/app/views/posts/partials/show/_edit.html.erb @@ -6,7 +6,7 @@ <%= render "sources/info" %> -<%= simple_form_for(post, html: { id: "form", autocomplete: "off" }) do |f| %> +<%= edit_form_for(post, html: { id: "form" }) do |f| %> <%= hidden_field_tag :tags_query, params[:q] %> <%= hidden_field_tag :pool_id, params[:pool_id] %> <%= hidden_field_tag :favgroup_id, params[:favgroup_id] %> diff --git a/app/views/saved_searches/_interface.html.erb b/app/views/saved_searches/_interface.html.erb index 3e1b6b3ed..30139adac 100644 --- a/app/views/saved_searches/_interface.html.erb +++ b/app/views/saved_searches/_interface.html.erb @@ -1,6 +1,6 @@