From 1a410660f628851b0db83a3e6cb6907340221a79 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Fri, 13 Apr 2018 09:38:59 -0400
Subject: [PATCH] FIX: Don't autocomplete the password confirmation field

We currently use that field for our honeypot. However, since it's a
`type=password` certain browsers like chrome were autofilling it.
Normally this isn't a problem, but if you are using subfolders on the
same host the challenge would be different and Discourse would fail the
challenge.
---
 .../javascripts/discourse/templates/modal/create-account.hbs    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/assets/javascripts/discourse/templates/modal/create-account.hbs b/app/assets/javascripts/discourse/templates/modal/create-account.hbs
index 483a42827da..c2cfea754dd 100644
--- a/app/assets/javascripts/discourse/templates/modal/create-account.hbs
+++ b/app/assets/javascripts/discourse/templates/modal/create-account.hbs
@@ -79,7 +79,7 @@
           <tr class="password-confirmation">
             <td><label for='new-account-password-confirmation'>{{i18n 'user.password_confirmation.title'}}</label></td>
             <td>
-              {{input type="password" value=accountPasswordConfirm id="new-account-confirmation"}}
+              {{input type="password" value=accountPasswordConfirm id="new-account-confirmation" autocomplete="false"}}
               {{input value=accountChallenge id="new-account-challenge"}}
             </td>
           </tr>