Page MenuHomePhabricator
Differential D16077

Require login for "Must Verify Email" controller
ClosedPublic
Actions

Authored by epriestley on Jun 7 2016, 11:35 PM.
Tags
None
Referenced Files
F19827068: D16077.diff
Mon, Mar 9, 5:42 AM
F19825260: D16077.id38684.diff
Sun, Mar 8, 9:42 AM
F18873079: D16077.id.diff
Nov 5 2025, 7:50 AM
F18871194: D16077.diff
Nov 4 2025, 9:35 PM
F18829048: D16077.diff
Oct 24 2025, 7:29 PM
F18826392: D16077.diff
Oct 24 2025, 3:48 AM
F18756048: D16077.diff
Oct 5 2025, 8:55 AM
F18728500: D16077.id38683.diff
Sep 30 2025, 9:33 AM
View All Files
Subscribers
None

Details

Reviewers
chad
Commits
rPffb50ef45d1b: Require login for "Must Verify Email" controller
Summary

Via HackerOne. This page fatals if accessed directly while logged out.

The "shouldRequireLogin()" check is wrong; this is a logged-in page.

Test Plan

Viewed the page while logged out, no more fatal.

Faked my way through the actual verification flow.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 38683.Jun 7 2016, 11:35 PM
epriestley retitled this revision from to Require login for "Must Verify Email" controller.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
chad accepted this revision.Jun 7 2016, 11:35 PM
chad edited edge metadata.
This revision is now accepted and ready to land.Jun 7 2016, 11:35 PM
Closed by commit rPffb50ef45d1b: Require login for "Must Verify Email" controller (authored by epriestley, committed by epriestley). · Explain WhyJun 7 2016, 11:37 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
applications/
auth/
controller/
4 lines

Diff 38684

View Options

src/applications/auth/controller/PhabricatorMustVerifyEmailController.php

Loading...
Phabricator · Built by Phacility