Require login for "Must Verify Email" controller
ClosedPublic
Actions

Authored by epriestley on Jun 7 2016, 11:35 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sat, Jan 25, 3:56 PM

	Unknown Object (File)
	Thu, Jan 23, 7:51 PM

	Unknown Object (File)
	Sat, Jan 18, 12:25 AM

	Unknown Object (File)
	Mon, Jan 13, 12:12 AM

	Unknown Object (File)
	Dec 21 2024, 2:02 PM

	Unknown Object (File)
	Dec 21 2024, 10:23 AM

	Unknown Object (File)
	Dec 20 2024, 8:00 PM

	Unknown Object (File)
	Dec 17 2024, 6:54 PM

View All Files

Subscribers

None

Details

Reviewers

chad

Commits

rPffb50ef45d1b: Require login for "Must Verify Email" controller

Summary

Via HackerOne. This page fatals if accessed directly while logged out.

The "shouldRequireLogin()" check is wrong; this is a logged-in page.

Test Plan

Viewed the page while logged out, no more fatal.

Faked my way through the actual verification flow.

Diff Detail

Repository

rP Phabricator

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 38683.Jun 7 2016, 11:35 PM

epriestley retitled this revision from to Require login for "Must Verify Email" controller.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: chad.

chad accepted this revision.Jun 7 2016, 11:35 PM

chad edited edge metadata.

This revision is now accepted and ready to land.Jun 7 2016, 11:35 PM

Closed by commit rPffb50ef45d1b: Require login for "Must Verify Email" controller (authored by epriestley, committed by epriestley). · Explain WhyJun 7 2016, 11:37 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

src/

applications/

auth/

controller/

PhabricatorMustVerifyEmailController.php

4 lines

Diff 38684

View Options

src/applications/auth/controller/PhabricatorMustVerifyEmailController.php

Require login for "Must Verify Email" controllerClosedPublicActions