From 816d3972c84f2db04400e0069db5a035dbfe4727 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 5 Apr 2022 22:30:54 +0200
Subject: [PATCH] Services / Captiveportal - prevent cleansing password field,
 closes https://github.com/opnsense/core/issues/5678

---
 .../OPNsense/CaptivePortal/Api/AccessController.php           | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php b/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
index bef96dac9..ebaf9f5d1 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
- * Copyright (C) 2015 Deciso B.V.
+ * Copyright (C) 20152-2022 Deciso B.V.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -148,7 +148,7 @@ class AccessController extends ApiControllerBase
                             // try this auth method
                             $isAuthenticated = $authServer->authenticate(
                                 $userName,
-                                $this->request->getPost("password", "string")
+                                $this->request->getPost("password")
                             );
 
                             // check group when group enforcement is set