Mirror repository password is exposed in the DOM
Summary
Mirror repository password is exposed in the DOM
Steps to reproduce
- Setup repository mirror with a password.
- Refresh page.
- View DOM
- Your password will be set as input value
What is the current bug behavior?
Password is visible in plain text in the DOM.
What is the expected correct behavior?
Some fake value should be present in the DOM. When saved, password should not be changed to the fake value.
Relevant logs and/or screenshots
Output of checks
This bug happens on GitLab.com