"Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker. (#2091)

@see https://www.otto-js.com/news/article/chrome-and-edge-enhanced-spellcheck-features-expose-pii-even-your-passwords Co-authored-by: Daniel Hammer <daniel.hammer+oss@gmail.com>
2023-02-06 22:29:28 +01:00
parent 9d459fbd0a
commit fc8462dc8a
3 changed files with 27 additions and 7 deletions
@@ -51,10 +51,18 @@ const UserCreate = (props) => {
  return (
    <Create title={<Title subTitle={title} />} {...props}>
      <SimpleForm save={save} variant={'outlined'}>
-        <TextInput source="userName" validate={[required()]} />
+        <TextInput
+          spellCheck={false}
+          source="userName"
+          validate={[required()]}
+        />
        <TextInput source="name" validate={[required()]} />
-        <TextInput source="email" validate={[email()]} />
-        <PasswordInput source="password" validate={[required()]} />
+        <TextInput spellCheck={false} source="email" validate={[email()]} />
+        <PasswordInput
+          spellCheck={false}
+          source="password"
+          validate={[required()]}
+        />
        <BooleanInput source="isAdmin" defaultValue={false} />
      </SimpleForm>
    </Create>