fix: enumeration attack vector on login form

This commit is contained in:
imperosol
2025-06-25 14:42:17 +02:00
parent a7f4630d13
commit 02ef8fdb88
4 changed files with 58 additions and 35 deletions

View File

@ -26,9 +26,11 @@
{% endif %}
{% endif %}
<form method="post" action="{{ url('core:login') }}">
<form method="post" action="{{ url('core:login') }}" id="login-form">
{% if form.errors %}
<p class="alert alert-red">{% trans %}Your username and password didn't match. Please try again.{% endtrans %}</p>
<p class="alert alert-red">
{% trans %}Your credentials didn't match. Please try again.{% endtrans %}
</p>
{% endif %}
{% csrf_token %}