gustafn
committed
on 20 Jun
Modernize logic for protecting against cached passwords from forms,
when users log out and other users use the back button (for Nora).
- swi… Show more
Modernize logic for protecting against cached passwords from forms,

when users log out and other users use the back button (for Nora).

- switch to more modern caching prevention

- add CSRF protection to login form against forgery requests

- none of the cache-preventing mechanisms helps when the user

 stores the password in the browser (no change to the past).

- For admins of existing sites: alter kernel parameter

 "LoginPageExpirationTime" to 0 make use of this feature

Show less