Add email query param to reset code path

This reduces the attack surface
Girish Ramakrishnan
2018-06-12 17:22:41 -07:00
parent 5a6ea33694
commit 32e6b9024c
8 changed files with 68 additions and 27 deletions


@@ -29,6 +29,7 @@ app.controller('Controller', ['$scope', function ($scope) {
<form action="/api/v1/session/account/setup" method="post" name="setupForm" autocomplete="off" role="form" novalidate>
<input type="password" style="display: none;">
<input type="hidden" name="_csrf" value="<%= csrf %>"/>
<input type="hidden" name="email" value="<%= email %>"/>
<input type="hidden" name="resetToken" value="<%= resetToken %>"/>
<center><p class="has-error"><%= error %></p></center>