Open
Bug 1262893
Opened 8 years ago
Updated 8 years ago
Change newsletter subscription confirm page to require a button click to confirm
Categories
(www.mozilla.org :: Newsletters, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: pmac, Unassigned)
Details
Currently the token (subscription) is confirmed simply by visiting the confirmation URL the subscriber found in their email. We should require an additional user action (a button click) to help prevent accidental confirmations as well as to prevent accidental automated confirmations if an email spam prevention measure hits URLs in emails looking for dead or harmful links or redirects.
|
||
Comment 1•8 years ago
|
||
Thanks pmac. I'll add this to the backlog of ideas to explore and potentially implement post our CRM integration work.
|
||
Comment 3•8 years ago
|
||
If you do add a button please please please add an anti-csrf token so it can't be spammed.
|
|
||
Comment 4•8 years ago
|
||
Although short of something like a captcha that won't stop scripted spam attacks.
You need to log in
before you can comment on or make changes to this bug.
Description
•