Closed
Bug 506547
Opened 15 years ago
Closed 15 years ago
Password-reset notifications
Categories
(support.mozilla.org :: General, defect)
support.mozilla.org
General
Tracking
(Not tracked)
VERIFIED
FIXED
1.3
People
(Reporter: cilias, Assigned: jsocol)
Details
(Whiteboard: tiki_feature tiki_upstreamed)
Attachments
(1 file, 1 obsolete file)
2.99 KB,
patch
|
laura
:
review+
|
Details | Diff | Splinter Review |
We're getting reports that SUMO is sending email messages to accounts, saying "Someone coming from IP Address 10.2.81.4 requested password reset for your account (support.mozilla.com). " In bug 409942 comment 2, Dave Miller says that address is the IP address the internal address on the Netscaler. If we can't get bug 409942 fixed soon, we should at least stop these password reset notification emails.
Comment 1•15 years ago
|
||
Better would probably be to just remove the IP address from the notification template. The average person probably has no clue what their IP address is these days anyway. It's really only useful to the sysadmin to help tracking if there's abuse (and could probably be included as a header in the message instead of in the body of the email, and we'll just need to get people to send full headers if they have suspected abuse).
Reporter | ||
Updated•15 years ago
|
Target Milestone: --- → 1.3
Updated•15 years ago
|
Assignee: nobody → laura
Assignee | ||
Comment 2•15 years ago
|
||
Laura: Just changing the template is quick, I can take this if you want to get rid of it.
Assignee | ||
Comment 3•15 years ago
|
||
This moves the IP address line into a mail header ('X-Password-Reset-From') as per comment #1.
Attachment #395948 -
Flags: review?(laura)
Updated•15 years ago
|
Assignee: laura → jsocol
Updated•15 years ago
|
Attachment #395948 -
Flags: review?(laura) → review+
Comment 4•15 years ago
|
||
Comment on attachment 395948 [details] [diff] [review] patch, v1 Good call, wfm.
Assignee | ||
Comment 5•15 years ago
|
||
From bug 409942 comment 8, we can use X_FORWARDED_FOR.
Assignee | ||
Comment 6•15 years ago
|
||
This incorporates the code from AMO linked in comment 5. Otherwise it's the same (with some white space inserted to make tiki-remind_password.php a bit more readable).
Attachment #395948 -
Attachment is obsolete: true
Attachment #396309 -
Flags: review?(laura)
Updated•15 years ago
|
Summary: Password reset notifications → Password-reset notifications
Updated•15 years ago
|
Attachment #396309 -
Flags: review?(laura) → review+
Assignee | ||
Updated•15 years ago
|
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Updated•15 years ago
|
Whiteboard: tiki_triage
Comment 9•15 years ago
|
||
Great idea. I never liked that message.
Whiteboard: tiki_triage → tiki_feature
Comment 10•15 years ago
|
||
Upstreamed to tiki trunk r22651.
Comment 11•15 years ago
|
||
Added the string tiki_upstreamed to this bug to keep track of the things that are already upstreamed. LPH: please do this for other bugs you upstream; thanks!
Whiteboard: tiki_feature → tiki_feature tiki_upstreamed
You need to log in
before you can comment on or make changes to this bug.
Description
•