fix: keep HTML5 validation on V3 password forms

julioest · julioest · commit 6a81c4b71596 · 2026-04-30T21:35:19.000-04:00
Bind novalidate via Alpine so JS-disabled users still get required and type=email enforcement. Refs boostorg#2179
diff --git a/templates/v3/accounts/password_reset.html b/templates/v3/accounts/password_reset.html
@@ -24,9 +24,9 @@ <h1 class="auth-page__title">Password reset</h1>
   <form class="auth-page__card"
         method="post"
         action=""
-        novalidate
         {# djlint:off #}
         x-data="{ hasErrors: false }"
+        :novalidate="true"
         @input.debounce.150ms="hasErrors = !!$el.querySelector('.field--error')"
         @submit.prevent="
           $el.querySelectorAll('[data-validate]').forEach(el =>
diff --git a/templates/v3/accounts/password_reset_from_key.html b/templates/v3/accounts/password_reset_from_key.html
@@ -25,9 +25,9 @@ <h1 class="auth-page__title">Change Password</h1>
   <form class="auth-page__card"
         method="post"
         action=""
-        novalidate
         {# djlint:off #}
         x-data="{ hasErrors: false }"
+        :novalidate="true"
         @input.debounce.150ms="hasErrors = !!$el.querySelector('.field--error')"
         @submit.prevent="
           $el.querySelectorAll('[data-validate]').forEach(el =>
