Browse Source

Don't add required attribute to html form fields

In Django 1.10 a new Form property was introduced, defaulting to True,
which enabled HTML form validation for fields marked "required" in
Django. This changed old behavior, which was that required fields were
only validated server-side. This patch restores old behavior by setting
use_required_attribute to False for the inherited AuthenticationForm.

This problem arose because when WebSSO is enabled and a
non-keystone-credentials authentication method is selected from the
dropdown list, the now-hidden username and password fields are still
marked "required" and still validated client-side, even though they are
invisible to the user and cannot be filled in. It would be nice to fix
the javascript to properly turn the "required" attribute on or off
depending on what authentication method is selected and whether the
"required" fields are even visible, but for now this just restores the
behavior we had before Djanto 1.10.

Change-Id: I3e798a2288d9c33396b40a86b07ea8c163d3b525
Closes-bug: #1703109
Colleen Murphy 1 year ago
1 changed files with 1 additions and 0 deletions
  1. 1

+ 1
- 0
openstack_auth/ View File

@@ -47,6 +47,7 @@ class Login(django_auth_forms.AuthenticationForm):
47 47
     Inherits from the base ``django.contrib.auth.forms.AuthenticationForm``
48 48
     class for added security features.
49 49
+    use_required_attribute = False
50 51
     region = forms.ChoiceField(label=_("Region"), required=False)
51 52
     username = forms.CharField(
52 53
         label=_("User Name"),