Don't prefill "add email address" from GET
761b66228371
Actions

Description

Don't prefill "add email address" from GET

Summary: Via HackerOne. I don't think this is a security vulnerability, but it is inconsistent. There's no reason to prefill this, and I think the code was just lazy.

Test Plan:

Hit this page with ?email=xyz in a GET request, no more prefill.
Looped the page with bad addresses, appropriate prefill.
Added an address.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D8458

Details

Provenance

epriestley	Authored on
epriestley	Pushed on Mar 10 2014, 11:21 PM

Reviewer

btrahan

Differential Revision

D8458: Don't prefill "add email address" from GET

Parents

rP042ab0ad9d03: Fix three minor edge case behaviors in Conpherence

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (1)

Path

Size

src/

applications/

settings/

panel/

PhabricatorSettingsPanelEmailAddresses.php

rP761b66228371

View Options

src/applications/settings/panel/PhabricatorSettingsPanelEmailAddresses.php