mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-24 15:23:33 +01:00
67da4c1b25
Set `type="password"` on all `auth_token` fields Seen when migrating from other hosting platforms. 1. Prevents exposing the token to screen capture/cameras/eyeballs. 2. Prevents the browser from saving the value in its autocomplete dictionary, which often is not secure. ![exposed auth token](https://user-images.githubusercontent.com/615684/208541005-e2c9c6b0-3c6c-4a56-95d9-357b987aa0c8.png) Closes #22174 --------- Signed-off-by: Dan Church <amphetamachine@gmail.com> Co-authored-by: silverwind <me@silverwind.io>
127 lines
5.3 KiB
Handlebars
127 lines
5.3 KiB
Handlebars
{{template "base/head" .}}
|
|
<div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
|
|
<div class="ui middle very relaxed page grid">
|
|
<div class="column">
|
|
<form class="ui form" action="{{.Link}}" method="post">
|
|
{{.CsrfTokenHtml}}
|
|
<h3 class="ui top attached header">
|
|
{{.locale.Tr "repo.migrate.migrate" .service.Title}}
|
|
<input id="service_type" type="hidden" name="service" value="{{.service}}">
|
|
</h3>
|
|
<div class="ui attached segment">
|
|
{{template "base/alert" .}}
|
|
<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
|
|
<label for="clone_addr">{{.locale.Tr "repo.migrate.clone_address"}}</label>
|
|
<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
|
|
<span class="help">
|
|
{{.locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{.locale.Tr "repo.migrate.clone_local_path"}}{{end}}
|
|
</span>
|
|
</div>
|
|
|
|
<div class="inline field {{if .Err_Auth}}error{{end}}">
|
|
<label for="auth_token">{{.locale.Tr "access_token"}}</label>
|
|
<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}}data-need-clear="true"{{end}}>
|
|
<a target="_blank" href="https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html">{{svg "octicon-question"}}</a>
|
|
</div>
|
|
|
|
{{template "repo/migrate/options" .}}
|
|
|
|
<div class="inline field">
|
|
<label>{{.locale.Tr "repo.migrate_items"}}</label>
|
|
<div class="ui checkbox">
|
|
<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_wiki" | Safe}}</label>
|
|
</div>
|
|
</div>
|
|
<div id="migrate_items">
|
|
<span class="help">{{.locale.Tr "repo.migrate.migrate_items_options"}}</span>
|
|
<div class="inline field">
|
|
<label></label>
|
|
<div class="ui checkbox">
|
|
<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_labels" | Safe}}</label>
|
|
</div>
|
|
<div class="ui checkbox">
|
|
<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_issues" | Safe}}</label>
|
|
</div>
|
|
</div>
|
|
<div class="inline field">
|
|
<label></label>
|
|
<div class="ui checkbox">
|
|
<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_merge_requests" | Safe}}</label>
|
|
</div>
|
|
<div class="ui checkbox">
|
|
<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_releases" | Safe}}</label>
|
|
</div>
|
|
</div>
|
|
<div class="inline field">
|
|
<label></label>
|
|
<div class="ui checkbox">
|
|
<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.migrate_items_milestones" | Safe}}</label>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="ui divider"></div>
|
|
|
|
<div class="inline required field {{if .Err_Owner}}error{{end}}">
|
|
<label>{{.locale.Tr "repo.owner"}}</label>
|
|
<div class="ui selection owner dropdown">
|
|
<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
|
|
<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
|
|
{{avatar $.Context .ContextUser 28 "mini"}}
|
|
<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
|
|
</span>
|
|
{{svg "octicon-triangle-down" 14 "dropdown icon"}}
|
|
<div class="menu" title="{{.SignedUser.Name}}">
|
|
<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
|
|
{{avatar $.Context .SignedUser 28 "mini"}}
|
|
<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
|
|
</div>
|
|
{{range .Orgs}}
|
|
<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
|
|
{{avatar $.Context . 28 "mini"}}
|
|
<span class="truncated-item-name">{{.ShortName 40}}</span>
|
|
</div>
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="inline required field {{if .Err_RepoName}}error{{end}}">
|
|
<label for="repo_name">{{.locale.Tr "repo.repo_name"}}</label>
|
|
<input id="repo_name" name="repo_name" value="{{.repo_name}}" required>
|
|
</div>
|
|
<div class="inline field">
|
|
<label>{{.locale.Tr "repo.visibility"}}</label>
|
|
<div class="ui checkbox">
|
|
{{if .IsForcedPrivate}}
|
|
<input name="private" type="checkbox" checked readonly>
|
|
<label>{{.locale.Tr "repo.visibility_helper_forced" | Safe}}</label>
|
|
{{else}}
|
|
<input name="private" type="checkbox" {{if .private}}checked{{end}}>
|
|
<label>{{.locale.Tr "repo.visibility_helper" | Safe}}</label>
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
<div class="inline field {{if .Err_Description}}error{{end}}">
|
|
<label for="description">{{.locale.Tr "repo.repo_desc"}}</label>
|
|
<textarea id="description" name="description">{{.description}}</textarea>
|
|
</div>
|
|
|
|
<div class="inline field">
|
|
<label></label>
|
|
<button class="ui green button">
|
|
{{.locale.Tr "repo.migrate_repo"}}
|
|
</button>
|
|
</div>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
{{template "base/footer" .}}
|