From dd36c3c1149797ea81c93469476858803e1f9702 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julian=20M=C3=BCller=20=28ChaoticByte=29?=
 <contact@chaoticbyte.net>
Date: Wed, 7 Jun 2023 19:04:17 +0200
Subject: [PATCH] Fixed a security issue on the login page by clearing the
 buffer of the virtual keyboard when pressing 'cancel'.

---
 app/static/js/login.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/static/js/login.js b/app/static/js/login.js
index 0c43a72..cc9274d 100644
--- a/app/static/js/login.js
+++ b/app/static/js/login.js
@@ -6,7 +6,6 @@
     let passwordOverlayElement;
     let pwOverlayCancelButton;
     let userlistButtons;
-    let pinpadButtons;
     let userlistContainerElement;
     // Add event listeners after DOM Content loaded
     document.addEventListener("DOMContentLoaded", () => {
@@ -40,5 +39,9 @@
     function hide_password_overlay() {
         passwordOverlayElement.classList.add("nodisplay");
         passwordInputElement.value = "";
+        // Dispatch an Input Event to the input element to trigger the on-
+        // screen keyboard to update its buffer. This fixes a security
+        // issue on the login page.
+        passwordInputElement.dispatchEvent(new Event("input", {bubbles: true}));
     }
 })();