Confirmation routes can confirm changes without user acknowledgement

[liamwhite]

The other controllers require some sort of POST interaction, but the confirmation and email confirmation routes are GET only, and therefore can be triggered by automatic link fetchers in popular email providers. This allows accounts/emails to be confirmed as long as such an email address is known to exist: https://support.google.com/mail/thread/16878288/gmail-is-opening-and-caching-urls-within-emails-without-user-intervention-how-and-why?hl=en

[josevalim]

Good call, I will make it two steps. :)

[josevalim]

Please see: https://github.com/phoenixframework/phoenix/pull/4419