tec3/five-for-the-future
tec3/five-for-the-future
1
0
Fork 0
mirror of https://github.com/WordPress/five-for-the-future.git synced 2025-04-22 19:13:44 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity
138 commits 5 branches 0 tags 3.6 MiB
Commit graph

7 commits

Author SHA1 Message Date
Ian Dunn 414c4809e3 Email: Allow tokens to be reused when necessary. 2019-11-12 08:35:06 -08:00
Ian Dunn 7e89d1794a
Email: Send no-cache headers when auth token present for security. 2019-11-07 16:07:51 -08:00
Ian Dunn 87eb8ec43a
Pledge Log: Capture email events. 2019-10-31 20:39:57 -05:00
Ian Dunn 438173c10f
Email: Add notes about auth tokens. 2019-10-26 10:11:45 -07:00
Ian Dunn c4f2fe58ab
Pledge Form: Make email naming consistent. 
This helps distinguish between _pledge_ and _contributor_ emails, and _verifying_ auth tokens and _confirming_ pledges.
 2019-10-26 08:23:41 -07:00
Ian Dunn 35fa99324e
Email: Compare token with hash_equals() to mitigate timing attacks. 
Props timothyblynjacobs
See #46
See https://make.wordpress.org/meta/2019/10/25/security-review-of-authentication-tokens/
 2019-10-25 13:50:53 -07:00
Ian Dunn 5ffca9420f
Email: Send pledge confirmation with authentication token. (#46) 
Email: Send pledge confirmation with authentication token.

Fixes #34.
Fixes #10.
 2019-10-25 12:07:09 -07:00