allura-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kenton Taylor" <>
Subject [allura:tickets] #8125 Require password when confirming new email address
Date Fri, 09 Sep 2016 13:40:50 GMT
Fix looks good, clear to merge.


** [tickets:#8125] Require password when confirming new email address**

**Status:** review
**Milestone:** unreleased
**Labels:** security 
**Created:** Thu Sep 08, 2016 02:18 PM UTC by Dave Brondsema
**Last Updated:** Thu Sep 08, 2016 04:29 PM UTC
**Owner:** Dave Brondsema

We should require a valid login session when opening an email verification link.  This avoids
the security risk of typos on new email addresses that could potentially let someone else
take over your account.


Sent from because is subscribed to

To unsubscribe from further messages, a project admin can change settings at
 Or, if this is a mailing list, you can unsubscribe from the mailing list.
  • Unnamed multipart/related (inline, None, 0 bytes)
View raw message