Page MenuHomePhabricator
Differential D8458

Don't prefill "add email address" from GET
ClosedPublic
Actions

Authored by epriestley on Mar 8 2014, 8:35 PM.
Tags
None
Referenced Files
F14732078: D8458.id20063.diff
Sat, Jan 18, 1:53 PM
Unknown Object (File)
Fri, Jan 17, 10:35 PM
Unknown Object (File)
Sun, Jan 5, 11:53 AM
Unknown Object (File)
Tue, Dec 24, 8:22 AM
Unknown Object (File)
Dec 19 2024, 10:42 PM
Unknown Object (File)
Dec 9 2024, 9:43 AM
Unknown Object (File)
Dec 8 2024, 1:07 PM
Unknown Object (File)
Dec 4 2024, 7:50 AM
View All Files
Subscribers
aran

Details

Reviewers
btrahan
Commits
Restricted Diffusion Commit
rP761b66228371: Don't prefill "add email address" from GET
Summary

Via HackerOne. I don't think this is a security vulnerability, but it is inconsistent. There's no reason to prefill this, and I think the code was just lazy.

Test Plan
  • Hit this page with ?email=xyz in a GET request, no more prefill.
  • Looped the page with bad addresses, appropriate prefill.
  • Added an address.

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

btrahan accepted this revision.Mar 10 2014, 4:58 PM
btrahan edited edge metadata.
This revision is now accepted and ready to land.Mar 10 2014, 4:58 PM
epriestley closed this revision.Mar 10 2014, 11:21 PM
epriestley updated this revision to Diff 20105.

Closed by commit rP761b66228371 (authored by @epriestley).

Revision Contents
Changeset List

PathSize
src/
applications/
settings/
panel/
5 lines

Diff 20105

View Options

src/applications/settings/panel/PhabricatorSettingsPanelEmailAddresses.php

Loading...
Phabricator · Built by Phacility