vbrown608
commented
5 years ago Duplicate of #158?
Open sydneyli opened 5 years ago
vbrown608
commented
5 years ago Duplicate of #158?
sydneyli
commented
5 years ago Sort of, I think #158 has to do with not encouraging users to click links in e-mail. This one might be solved by adding an extra "confirm" button-click on some of the token confirmation pages.
A lot of anti-spam mail software will crawl links that they find in emails to guess whether they are phishing links.
We should require users to click a button on this page that performs a POST :)