Closed Bug 1677419 Opened 4 years ago Closed 3 years ago

Token cancellation and verification should take an extra step to confirm

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: glob, Assigned: dkl)

Details

Attachments

(1 file)

GitHub Pull Request 4 years ago David Lawrence [:dkl] 46 bytes, text/x-github-pull-request		Details \| Review

:glob ✱

Reporter

Description

•

4 years ago

When a user changes their email address they are sent two emails: one for confirmation and one for cancellation.

The Outlook Web Mail client visits every URL in an email to generate a preview.

Just visiting the cancellation link will cancel the request, resulting in users using this email client being unable to change their email address.

A simple fix is to have a confirmation button on the token pages.

David Lawrence [:dkl]

Assignee

Comment 1

•

4 years ago

Attached file GitHub Pull Request — Details

Assignee: nobody → dkl

Status: NEW → ASSIGNED

David Lawrence [:dkl]

Assignee

Comment 2

•

3 years ago

Merged to master.

Status: ASSIGNED → RESOLVED

Closed: 3 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Token cancellation and verification should take an extra step to confirm

Categories

(bugzilla.mozilla.org :: General, defect)

Tracking

()

People

(Reporter: glob, Assigned: dkl)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Attachment

General

Description

File Name

Content Type