Page MenuHomePhabricator

Require login for "Must Verify Email" controller
ClosedPublic

Authored by epriestley on Jun 7 2016, 11:35 PM.
Tags
None
Referenced Files
F14372637: D16077.id38683.diff
Fri, Dec 20, 8:00 PM
Unknown Object (File)
Tue, Dec 17, 6:54 PM
Unknown Object (File)
Thu, Dec 12, 6:17 PM
Unknown Object (File)
Thu, Dec 12, 6:17 PM
Unknown Object (File)
Tue, Dec 10, 8:27 AM
Unknown Object (File)
Sat, Dec 7, 11:40 PM
Unknown Object (File)
Fri, Dec 6, 5:59 PM
Unknown Object (File)
Oct 16 2024, 12:32 AM
Subscribers
None

Details

Summary

Via HackerOne. This page fatals if accessed directly while logged out.

The "shouldRequireLogin()" check is wrong; this is a logged-in page.

Test Plan

Viewed the page while logged out, no more fatal.

Faked my way through the actual verification flow.

Diff Detail

Repository
rP Phabricator
Branch
mustverify1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 12556
Build 15930: Run Core Tests
Build 15929: arc lint + arc unit

Event Timeline

epriestley retitled this revision from to Require login for "Must Verify Email" controller.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
chad edited edge metadata.
This revision is now accepted and ready to land.Jun 7 2016, 11:35 PM
This revision was automatically updated to reflect the committed changes.