From 1fa9ae26cc6006f8ee94fabddb7fea171adee55d Mon Sep 17 00:00:00 2001 From: Colleen Murphy Date: Thu, 2 Nov 2017 18:19:09 +0100 Subject: [PATCH] Don't add required attribute to html form fields In Django 1.10 a new Form property was introduced, defaulting to True, which enabled HTML form validation for fields marked "required" in Django. This changed old behavior, which was that required fields were only validated server-side. This patch restores old behavior by setting use_required_attribute to False for the inherited AuthenticationForm. This problem arose because when WebSSO is enabled and a non-keystone-credentials authentication method is selected from the dropdown list, the now-hidden username and password fields are still marked "required" and still validated client-side, even though they are invisible to the user and cannot be filled in. It would be nice to fix the javascript to properly turn the "required" attribute on or off depending on what authentication method is selected and whether the "required" fields are even visible, but for now this just restores the behavior we had before Djanto 1.10. Change-Id: I3e798a2288d9c33396b40a86b07ea8c163d3b525 Closes-bug: #1703109 --- openstack_auth/forms.py | 1 + 1 file changed, 1 insertion(+) diff --git a/openstack_auth/forms.py b/openstack_auth/forms.py index c7d0c51c..107fb191 100644 --- a/openstack_auth/forms.py +++ b/openstack_auth/forms.py @@ -47,6 +47,7 @@ class Login(django_auth_forms.AuthenticationForm): Inherits from the base ``django.contrib.auth.forms.AuthenticationForm`` class for added security features. """ + use_required_attribute = False region = forms.ChoiceField(label=_("Region"), required=False) username = forms.CharField( label=_("User Name"),