From 9eed38ca508e3fb6cdb4390cf504ae211bc9a665 Mon Sep 17 00:00:00 2001 From: Mark Vanderwiel Date: Wed, 11 Feb 2015 11:47:09 -0600 Subject: [PATCH] Change the default for password_autocomplete to off For better default security, change the default to off for password autocomplete. Base openstack horizon is also making this change soon. Change-Id: Ie46dd5b5e5d65dd4bfa298a4c2d571cf13b94812 Closes-Bug: #1420863 --- CHANGELOG.md | 1 + README.md | 2 +- attributes/default.rb | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd4b17a..7a90834 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,7 @@ This file is used to list changes made in each version of the openstack-dashboar * Fix site template directory defaults for apache 2.4 * Use common specific_endpoint routines (bug 1412919) * Fix notify when using listen_addresses +* Change default for password_autocomplete to off for better default security ## 9.1 * python_packages database client attributes have been moved to the -common cookbook diff --git a/README.md b/README.md index 8012cfc..4ec5a24 100644 --- a/README.md +++ b/README.md @@ -60,7 +60,7 @@ Attributes * `openstack['dashboard']['simple_ip_management']` - Boolean to enable or disable simplified floating IP address management * `openstack['dashboard']['http_port']` - Port that httpd should listen on (default: 80) * `openstack['dashboard']['https_port']` - Port that httpd should listen on for using ssl (default: 443) -* `openstack['dashboard']['password_autocomplete']` - Toggle browser autocompletion for login form ('on' or 'off', default: 'on') +* `openstack['dashboard']['password_autocomplete']` - Toggle browser autocompletion for login form ('on' or 'off', default: 'off') * `openstack['dashboard']['ssl_no_verify']` - Disable SSL certificate checks (useful for self-signed certificates) * `openstack['dashboard']['ssl_cacert']` - The CA certificate to use to verify SSL connections * `openstack['dashboard']['misc_local_settings']` - Additions to the local_settings conf file diff --git a/attributes/default.rb b/attributes/default.rb index faef148..d4cb82f 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -200,7 +200,7 @@ default['openstack']['dashboard']['log_level']['openstack_auth'] = 'INFO' default['openstack']['dashboard']['log_level']['nose.plugins.manager'] = 'INFO' default['openstack']['dashboard']['log_level']['django'] = 'INFO' -default['openstack']['dashboard']['password_autocomplete'] = 'on' +default['openstack']['dashboard']['password_autocomplete'] = 'off' default['openstack']['dashboard']['simple_ip_management'] = false default['openstack']['dashboard']['neutron']['enable_lb'] = false default['openstack']['dashboard']['neutron']['enable_quotas'] = true