MorphoCloud / MorphoCloudWorkflow

Reusable GitHub Workflows to manage JetStream2 backed on-demand virtual machines
BSD 2-Clause "Simplified" License

Revisit obfuscation of email associated with instance request #31

Open jcfr opened 2 weeks ago

jcfr commented 2 weeks ago

When requesting an instance, have the user enter their email name twice, and if it checks out, obfuscate the email right away. We already have someone snooping and sending fake emails to people (see the screenshot), which is a very serious issue since our users can't tell whether this is legit or not.

image

Originally posted by @muratmaga in https://github.com/MorphoCloud/MorphoCloudWorkflow/issues/27#issue-2487721000

jcfr commented 2 weeks ago

After further analysis, the issue is related to a "bot" account that commented on the issue and is independent of the email of the researcher who created the account.

The corresponding account has been reported.

jcfr commented 2 weeks ago

For context, here is another example of such a comment. See https://github.com/jcfr/MorphoCloudPortal/issues/88#issuecomment-2312935572

For future reference, here was the comment:

image

jcfr commented 2 weeks ago

After reporting the account to GitHub, it has now been "removed".

muratmaga commented 2 weeks ago

Thanks @jcfr. I think we still want to implement the double entry of the email (to double check) and automatic obfuscation for privacy issues.

jcfr commented 2 weeks ago

To handle the case when the two entries do not match, I suggest to:

If the two emails do match, the email will automatically be encoded (aka obfuscated).

Does this sound reasonable?

muratmaga commented 2 weeks ago

It would be better if the user cannot proceed or submit the ticket if the emails are not identical (or somehow give real-time feedback), but I understand that may not be possible with GH issues.