"Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.

@see https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords
2025-09-14 12:35:57 +03:00 · 2023-01-15 15:17:00 +01:00
parent 9366e31452
commit 9b20decdc1
2 changed files with 3 additions and 3 deletions
--- a/src/static/templates/admin/users.hbs
+++ b/src/static/templates/admin/users.hbs
@@ -96,7 +96,7 @@
            <small>Email:</small>

            <form class="form-inline input-group w-50" id="inviteUserForm">
-                <input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required>
+                <input type="email" class="form-control me-2" id="inviteEmail" placeholder="Enter email" required spellcheck="false">
                <button type="submit" class="btn btn-primary">Invite</button>
            </form>
        </div>