On Tue, Jan 11, 2022 at 12:10 PM Arthur Bols <arthur@xxxxxxxx> wrote: > > On 11/01/2022 18:03, Yaakov Selkowitz wrote: > > You want anyone who receives or intercepts those emails to be able to access > > your account *without* logging in?!? > How I interpreted it, and how most websites do it, is that the unique > link just verifies the email address (or any other non-critical action), > but doesn't log you in. Exactly! Yes. That's what I was saying. In this case, the situation is even sillier, because the non-critical action here is to "take no action". Taking no action is the least critical action you could take in this situation! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
