Require login for "Must Verify Email" controller
ClosedPublic
Actions

Authored by epriestley on Jun 7 2016, 11:35 PM.

Tags

None

Referenced Files

	F15403046: D16077.id.diff
	Tue, Mar 18, 1:44 AM

	F15390687: D16077.id.diff
	Sat, Mar 15, 6:26 AM

	F15352488: D16077.id38683.diff
	Mon, Mar 10, 4:41 PM

	Unknown Object (File)
	Mar 3 2025, 1:31 AM

	Unknown Object (File)
	Mar 3 2025, 1:30 AM

	Unknown Object (File)
	Feb 12 2025, 4:49 PM

	Unknown Object (File)
	Feb 12 2025, 3:13 PM

	Unknown Object (File)
	Feb 12 2025, 3:01 PM

View All Files

Subscribers

None

Details

Reviewers

chad

Commits

rPffb50ef45d1b: Require login for "Must Verify Email" controller

Summary

Via HackerOne. This page fatals if accessed directly while logged out.

The "shouldRequireLogin()" check is wrong; this is a logged-in page.

Test Plan

Viewed the page while logged out, no more fatal.

Faked my way through the actual verification flow.

Diff Detail

Repository

rP Phabricator

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 38683.Jun 7 2016, 11:35 PM

epriestley retitled this revision from to Require login for "Must Verify Email" controller.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: chad.

chad accepted this revision.Jun 7 2016, 11:35 PM

chad edited edge metadata.

This revision is now accepted and ready to land.Jun 7 2016, 11:35 PM

Closed by commit rPffb50ef45d1b: Require login for "Must Verify Email" controller (authored by epriestley, committed by epriestley). · Explain WhyJun 7 2016, 11:37 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

controller/

PhabricatorMustVerifyEmailController.php

4 lines

Diff 38684

View Options

src/applications/auth/controller/PhabricatorMustVerifyEmailController.php

Require login for "Must Verify Email" controllerClosedPublicActions