From 0a562763e6b341acbf191310ca7946bf0619503c Mon Sep 17 00:00:00 2001
From: BluemediaGER <oliver@traber-info.de>
Date: Sun, 29 Oct 2023 13:57:22 +0100
Subject: [PATCH] Don't leak plain text password in kcContext

---
 src/static/login/baselayout.ftl | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/static/login/baselayout.ftl b/src/static/login/baselayout.ftl
index cb2735e..ef75886 100644
--- a/src/static/login/baselayout.ftl
+++ b/src/static/login/baselayout.ftl
@@ -92,9 +92,12 @@ SOFTWARE.
           key == "identityProviderBrokerCtx" && 
           are_same_path(path, []) &&
           ["login-idp-link-confirm.ftl", "login-idp-link-email.ftl" ]?seq_contains(pageId)
-        ) ||  (
+        ) || (
           ["masterAdminClient", "delegateForUpdate", "defaultRole"]?seq_contains(key) &&
           are_same_path(path, ["realm"])
+        ) || (
+          ["password"]?seq_contains(key) &&
+          are_same_path(path, ["login"])
         )
       >
         <#continue>