webadmin: ArduPilot logo header, password show/hide eye, static cache

* Vendored static/ardupilot_logo.png (245x88 RGBA, 7 KiB) and a
  blue (#3a7cb3) header bar that extends to the page edges so the
  transparent logo PNG visually merges with the bar. Logo and title
  share one .brand <a> back to /; nav links are inverted to white;
  the log-out button is white-on-blue with a hover wash.

* Per-passphrase show/hide eye via static/password-toggle.js. JS
  wraps every <input type=password> on the page (idempotent via a
  data-attribute marker) with an SVG eye button that toggles
  input.type between password and text. tabindex=-1 keeps the eye
  out of the form's tab order; aria-label flips with state.

* autocomplete=new-password on every PasswordField except the
  /login one (which keeps current-password). Without this Chrome
  pre-fills the 'New passphrase' fields on /admin/<port2>/ from
  the credential it has stored for /login. spellcheck/autocorrect
  /autocapitalize=off complete the picture.

* SEND_FILE_MAX_AGE_DEFAULT=86400 so static assets carry
  Cache-Control: public, max-age=86400. Without this Flask emits
  no cache header, the meta-refresh flow re-fetches the logo
  every 5 s, and the header flashes mid-paint. Explicit
  width/height + fetchpriority=high on the <img> tag let the
  browser carve out the slot at parse time.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: tridge

webadmin/config.py

@@ -45,3 +45,10 @@ class DefaultConfig:
     # Site-name shown in templates. Overridden by webui.json's "title"
     # field if that file exists in the keys.tdb directory.
     WEBUI_TITLE = 'SupportProxy admin'
+
+    # Browser-cache static assets (logo, CSS, JS). Without this Flask
+    # emits no Cache-Control header, so the meta-refresh flow refetches
+    # the logo every 5 s and you see a blank header flash mid-paint.
+    # Set to 1 day; bust by renaming files or appending a query string
+    # if you change one.
+    SEND_FILE_MAX_AGE_DEFAULT = 86400

webadmin/forms.py

@@ -10,14 +10,24 @@
 OWNER_MAX_TLOG_RETENTION_DAYS = 30.0
 ADMIN_MAX_TLOG_RETENTION_DAYS = 36500.0  # ~100 years; effectively unbounded
 
+# Render-kwargs for "this is a brand-new passphrase, browser, don't
+# autofill the user's saved login passphrase here". Without this Chrome
+# happily prefills the 'New passphrase' field with the value it has
+# stored for /login on this site.
+_NEW_PW_KW = {'autocomplete': 'new-password', 'spellcheck': 'false',
+              'autocorrect': 'off', 'autocapitalize': 'off'}
+_CURRENT_PW_KW = {'autocomplete': 'current-password', 'spellcheck': 'false',
+                  'autocorrect': 'off', 'autocapitalize': 'off'}
+
 
 class LoginForm(FlaskForm):
     port = IntegerField('Port (port1 or port2)',
                         validators=[DataRequired(),
                                     NumberRange(min=1, max=65535)])
     passphrase = PasswordField('Passphrase',
                                validators=[DataRequired(),
-                                           Length(min=1, max=256)])
+                                           Length(min=1, max=256)],
+                               render_kw=_CURRENT_PW_KW)
     submit = SubmitField('Log in')
 
 
@@ -26,11 +36,13 @@ class OwnerEditForm(FlaskForm):
     name = StringField('Display name', validators=[Optional(), Length(max=31)])
     new_passphrase = PasswordField(
         'New passphrase (leave blank to keep current)',
-        validators=[Optional(), Length(min=4, max=256)])
+        validators=[Optional(), Length(min=4, max=256)],
+        render_kw=_NEW_PW_KW)
     confirm_passphrase = PasswordField(
         'Confirm new passphrase',
         validators=[Optional(), EqualTo('new_passphrase',
-                                        message='Passphrases do not match.')])
+                                        message='Passphrases do not match.')],
+        render_kw=_NEW_PW_KW)
     bidi_sign = BooleanField(
         'Require MAVLink signing on the user side too (bi-directional signing)')
     tlog_enabled = BooleanField('Record telemetry logs (.tlog) for this entry')
@@ -50,11 +62,13 @@ class AdminEditForm(FlaskForm):
                                      NumberRange(min=1, max=65535)])
     new_passphrase = PasswordField(
         'New passphrase (leave blank to keep current)',
-        validators=[Optional(), Length(min=4, max=256)])
+        validators=[Optional(), Length(min=4, max=256)],
+        render_kw=_NEW_PW_KW)
     confirm_passphrase = PasswordField(
         'Confirm new passphrase',
         validators=[Optional(), EqualTo('new_passphrase',
-                                        message='Passphrases do not match.')])
+                                        message='Passphrases do not match.')],
+        render_kw=_NEW_PW_KW)
     is_admin = BooleanField('Grant admin privilege (KEY_FLAG_ADMIN)')
     bidi_sign = BooleanField(
         'Require MAVLink signing on the user side too (bi-directional signing)')
@@ -78,7 +92,8 @@ class AdminAddForm(FlaskForm):
                        validators=[DataRequired(), Length(max=31)])
     passphrase = PasswordField('Passphrase',
                                validators=[DataRequired(),
-                                           Length(min=4, max=256)])
+                                           Length(min=4, max=256)],
+                               render_kw=_NEW_PW_KW)
     submit = SubmitField('Add')
 
 

webadmin/static/ardupilot_logo.png

@@ -0,0 +1,55 @@
+/*
+  Auto-attach a show/hide eye button to every <input type="password"> on
+  the page. Idempotent: re-running (e.g. after a partial DOM update)
+  skips inputs already wrapped.
+
+  No deps: written so it works without a build step.
+ */
+(function () {
+    'use strict';
+
+    var EYE_OPEN = '<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"/><circle cx="12" cy="12" r="3"/></svg>';
+    var EYE_SHUT = '<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" aria-hidden="true"><path d="M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"/><line x1="1" y1="1" x2="23" y2="23"/></svg>';
+
+    function attach(input) {
+        if (input.dataset.toggleAttached) {
+            return;
+        }
+        input.dataset.toggleAttached = '1';
+
+        var wrap = document.createElement('span');
+        wrap.className = 'password-wrap';
+        input.parentNode.insertBefore(wrap, input);
+        wrap.appendChild(input);
+
+        var btn = document.createElement('button');
+        btn.type = 'button';
+        btn.className = 'toggle';
+        // The eye is a convenience — keep it out of the tab order so
+        // tabbing through forms doesn't land on it.
+        btn.tabIndex = -1;
+        btn.setAttribute('aria-label', 'Show passphrase');
+        btn.innerHTML = EYE_OPEN;
+        btn.addEventListener('click', function () {
+            var revealing = input.type === 'password';
+            input.type = revealing ? 'text' : 'password';
+            btn.setAttribute(
+                'aria-label', revealing ? 'Hide passphrase' : 'Show passphrase');
+            btn.innerHTML = revealing ? EYE_SHUT : EYE_OPEN;
+        });
+        wrap.appendChild(btn);
+    }
+
+    function init() {
+        var inputs = document.querySelectorAll('input[type=password]');
+        for (var i = 0; i < inputs.length; i++) {
+            attach(inputs[i]);
+        }
+    }
+
+    if (document.readyState === 'loading') {
+        document.addEventListener('DOMContentLoaded', init);
+    } else {
+        init();
+    }
+})();

webadmin/static/password-toggle.js

@@ -1,11 +1,19 @@
 html { font-family: system-ui, sans-serif; color: #222; background: #fafafa; }
 body { max-width: 960px; margin: 0 auto; padding: 1rem; }
-header { display: flex; justify-content: space-between; align-items: baseline;
-         border-bottom: 1px solid #ccc; padding-bottom: 0.5rem; margin-bottom: 1rem; }
-header h1 { font-size: 1.2rem; margin: 0; }
-header h1 a { color: inherit; text-decoration: none; }
-header nav { display: flex; gap: 1rem; align-items: baseline; font-size: 0.9rem; }
+/* ArduPilot-blue header bar so the logo's transparent PNG blends in. */
+header { display: flex; justify-content: space-between; align-items: center;
+         background: #3a7cb3; color: #fff;
+         border-bottom: 1px solid #2a5e88;
+         padding: 0.4rem 0.8rem; margin: -1rem -1rem 1rem; }
+header h1 { font-size: 1.2rem; margin: 0; color: #fff; }
+header .brand { display: flex; align-items: center; gap: 0.6rem;
+                text-decoration: none; color: inherit; }
+header .brand .logo { height: 2.4rem; width: auto; display: block; }
+header nav { display: flex; gap: 1rem; align-items: center; font-size: 0.9rem; }
+header nav a { color: #fff; }
 header nav form.inline { display: inline; }
+header nav button { background: #fff; color: #3a7cb3; border: 1px solid #2a5e88; }
+header nav button:hover { background: #e6f0fa; }
 main { padding: 0.5rem 0; }
 
 .field { margin: 0.5rem 0; }
@@ -47,3 +55,28 @@ footer.version {
 }
 footer.version a { color: #888; text-decoration: none; }
 footer.version a:hover { text-decoration: underline; }
+
+/* Show/hide eye toggle attached to every password input by
+   static/password-toggle.js. The button sits over the input's right
+   edge; we extend the input's right padding so the text doesn't run
+   under the icon. The selector covers both type=password (default)
+   and type=text (after revealing) since the JS toggles the type. */
+.password-wrap { display: inline-block; position: relative; vertical-align: middle; }
+.password-wrap input[type=password],
+.password-wrap input[type=text] {
+    padding-right: 2.2rem;
+}
+.password-wrap button.toggle {
+    position: absolute;
+    right: 0.3rem;
+    top: 50%;
+    transform: translateY(-50%);
+    background: transparent;
+    border: none;
+    padding: 0.15rem;
+    cursor: pointer;
+    color: #666;
+    line-height: 0;
+}
+.password-wrap button.toggle:hover { color: #222; }
+.password-wrap button.toggle svg { width: 18px; height: 18px; display: block; }

webadmin/static/style.css

@@ -8,7 +8,12 @@
 </head>
 <body>
 <header>
-  <h1><a href="{{ url_for('index') }}">{{ config.WEBUI_TITLE }}</a></h1>
+  <a class="brand" href="{{ url_for('index') }}">
+    <img src="{{ url_for('static', filename='ardupilot_logo.png') }}"
+         alt="ArduPilot" class="logo"
+         width="245" height="88" fetchpriority="high">
+    <h1>{{ config.WEBUI_TITLE }}</h1>
+  </a>
   <nav>
     {% if session.get('owner') %}
       <span>logged in as port {{ session['owner'] }}{% if session.get('is_admin') %} (admin){% endif %}</span>
@@ -39,6 +44,7 @@ <h1><a href="{{ url_for('index') }}">{{ config.WEBUI_TITLE }}</a></h1>
      target="_blank" rel="noopener">{{ config.GIT_VERSION }}</a>
 </footer>
 {% endif %}
+<script src="{{ url_for('static', filename='password-toggle.js') }}" defer></script>
 <script src="{{ url_for('static', filename='localtime.js') }}" defer></script>
 </body>
 </html>