Changes between Initial Version and Version 1 of Ticket #27518


Ignore:
Timestamp:
Nov 21, 2016, 8:56:44 AM (8 years ago)
Author:
Romain Garrigues
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #27518 – Description

    initial v1  
    1 Hi security team!
     1Hi!
    22
    33I read an article titled "Is Your Site Leaking Password Reset Links?" (https://robots.thoughtbot.com/is-your-site-leaking-password-reset-links) and I just realised that by using classic Django password_reset_confirm view, my reset password link was effectively sent to other websites in the HTTP Referer header.
Back to Top