diff options
| -rw-r--r-- | doc/bugs/Unable_to_access_pagespec_preferences_on_https:__47____47__joeyh.name__47__/comment_1_8e26ec8941be9f6b16cec97281df7aaf._comment | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/bugs/Unable_to_access_pagespec_preferences_on_https:__47____47__joeyh.name__47__/comment_1_8e26ec8941be9f6b16cec97281df7aaf._comment b/doc/bugs/Unable_to_access_pagespec_preferences_on_https:__47____47__joeyh.name__47__/comment_1_8e26ec8941be9f6b16cec97281df7aaf._comment new file mode 100644 index 000000000..940366a7c --- /dev/null +++ b/doc/bugs/Unable_to_access_pagespec_preferences_on_https:__47____47__joeyh.name__47__/comment_1_8e26ec8941be9f6b16cec97281df7aaf._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 1""" + date="2018-12-12T14:40:46Z" + content=""" +Sending an auth token with every notification email would +not be good from a security POV. + +But, the ikiwiki username that has subscribed could be included in the +emails; the url to the prefs could possibly even have it prefilled +(unless CSRF protection or something prevents that). + +> I think now when I login via either method I'm accessing the account with a username + +No, ikiwiki accounts are not connected like this. If you log in with the +old account it will have separate subscription prefs than the new account. +"""]] |