fix: prevent password managers autofilling Gemini API key field

Change type="password" to type="text" — the main signal password managers use. Also add autocomplete="off", data-lpignore, data-1p-ignore for broader coverage across Bitwarden, 1Password, LastPass. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 21:57:14 -04:00
parent ce806e52ed
commit 3a94df1eaf
1 changed files with 3 additions and 2 deletions
--- a/cortex/static/settings.html
+++ b/cortex/static/settings.html
@@ -258,8 +258,9 @@
      <form method="POST" action="/settings/gemini-key">
        <div class="field">
          <label for="gemini_api_key">API Key</label>
-          <input type="password" id="gemini_api_key" name="gemini_api_key"
-                 placeholder="{{ gemini_key_hint }}" autocomplete="off">
+          <input type="text" id="gemini_api_key" name="gemini_api_key"
+                 placeholder="{{ gemini_key_hint }}" autocomplete="off"
+                 spellcheck="false" data-1p-ignore data-lpignore="true">
        </div>
        <button type="submit">Save Key</button>
      </form>