fix: login page browser warnings and password manager support

- Make COOP header conditional on development mode to suppress HTTP warnings - Add autocomplete attributes to all email/password inputs for password manager compatibility - Add comprehensive tests for COOP conditional behavior - Update security documentation for COOP, HTTPS requirements, and autocomplete Fixes browser console warnings and improves UX by enabling password managers. All quality gates passed: 85.7% backend coverage, 86.46% frontend coverage, zero security issues, all pre-commit hooks passed. Changes: - Backend: backend/internal/api/middleware/security.go - Frontend: Login, Setup, Account, AcceptInvite, SMTPSettings pages - Tests: Added 4 new test cases (2 backend, 2 frontend) - Docs: Updated security.md, getting-started.md, README.md
2025-12-21 23:46:25 +00:00
parent 15bb68106f
commit a5c86fc588
13 changed files with 812 additions and 360 deletions
@@ -174,6 +174,7 @@ export default function SMTPSettings() {
                value={username}
                onChange={(e) => setUsername(e.target.value)}
                placeholder="your@email.com"
+                autoComplete="username"
              />
            </div>
            <div className="space-y-2">
@@ -185,6 +186,7 @@ export default function SMTPSettings() {
                onChange={(e) => setPassword(e.target.value)}
                placeholder="••••••••"
                helperText={t('smtp.passwordHelper')}
+                autoComplete="current-password"
              />
            </div>
          </div>