Item1469: You cannot verify registration by clicking as instructed on the link in the email after the register blocks GET

Priority: Urgent
Current State: Closed
Released In: 1.0.5
Target Release: patch

Applies To: Engine
Component:
Branches:

Reported By: KennethLavrsen
Waiting For:
Last Change By: KennethLavrsen

We cannot block registration via GET

Unless we totally disable the nice feature of clicking the confirmation link in the email you receive.

I would hate to do that.

Is there any real exploit in enabling registation by get?

Anyone can register anyway.

-- KennethLavrsen - 19 Apr 2009

Reverted the GET block for register

Closing as this is injected between releases

-- KennethLavrsen - 19 Apr 2009

Hmm. Let us be more safe than sorry.

I will do the same type of measure as we have for the Rename script.

I also add a new message which adds a new MAKETEXT string. The alternative is hard the coded English already added which is not better.

It is not a huge issue than an error message that only hackers and hard core application developers playing with something very odd will ever see.

-- KennethLavrsen - 19 Apr 2009

Summary	You cannot verify registration by clicking as instructed on the link in the email after the register blocks GET
ReportedBy	KennethLavrsen
Codebase
SVN Range	Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo	Engine
Component
Priority	Urgent
CurrentState	Closed
WaitingFor
Checkins	distro:d38134d5bd60 distro:3c5942ae12ad distro:a30ab0a1039b distro:beeb2d8fa05b
TargetRelease	patch
ReleasedIn	1.0.5