mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-07 20:31:06 -05:00
b19bd1ef61
[views] mitigate Angular XSS in the user-activate module GitOrigin-RevId: 88a4501699b92e33c7ee120d180e60825d82fbd5
63 lines
2 KiB
Text
63 lines
2 KiB
Text
extends ../../../../../app/views/layout
|
|
|
|
block content
|
|
main.content.content-alt
|
|
.container
|
|
.row
|
|
.col-md-6.col-md-offset-3.col-lg-4.col-lg-offset-4
|
|
.alert.alert-success #{translate("nearly_activated")}
|
|
.row
|
|
.col-md-6.col-md-offset-3.col-lg-4.col-lg-offset-4
|
|
.card
|
|
.page-header
|
|
h1 #{translate("please_set_a_password")}
|
|
form(
|
|
async-form="activate",
|
|
name="activationForm",
|
|
action="/user/password/set",
|
|
method="POST",
|
|
ng-cloak
|
|
)
|
|
input(name='_csrf', type='hidden', value=csrfToken)
|
|
input(
|
|
type="hidden",
|
|
name="passwordResetToken",
|
|
value=token
|
|
ng-non-bindable
|
|
)
|
|
.alert.alert-danger(ng-show="activationForm.response.error")
|
|
| #{translate("activation_token_expired")}
|
|
|
|
.form-group
|
|
label(for='email') #{translate("email")}
|
|
input.form-control(
|
|
type='email',
|
|
name='email',
|
|
placeholder="email@example.com"
|
|
required,
|
|
ng-model="email",
|
|
ng-model-options="{ updateOn: 'blur' }",
|
|
disabled
|
|
)
|
|
.form-group
|
|
label(for='password') #{translate("password")}
|
|
input.form-control#passwordField(
|
|
type='password',
|
|
name='password',
|
|
placeholder="********",
|
|
required,
|
|
ng-model="password",
|
|
complex-password,
|
|
focus="true"
|
|
)
|
|
span.small.text-primary(ng-show="activationForm.password.$error.complexPassword", ng-bind-html="complexPasswordErrorMessage")
|
|
.actions
|
|
button.btn-primary.btn(
|
|
type='submit'
|
|
ng-disabled="activationForm.inflight || activationForm.password.$error.required|| activationForm.password.$error.complexPassword"
|
|
)
|
|
span(ng-show="!activationForm.inflight") #{translate("activate")}
|
|
span(ng-show="activationForm.inflight") #{translate("activating")}…
|
|
|
|
script(type='text/javascript').
|
|
window.passwordStrengthOptions = !{StringHelper.stringifyJsonForScript(settings.passwordStrengthOptions || {})}
|