franklindyer / agora-app

Simple and (hopefully) secure social media application. Also a project for spring 2024 CS 444 cybersecurity class at UNM.

Security patches #103

Closed franklindyer closed 6 months ago

franklindyer commented 6 months ago

Fixes #101 Fixes #102

See commit messages for the specific security improvements made here.

franklindyer commented 6 months ago

@altheaden Could you test the site on your end with these changes, and then merge if it works fine for you? Let me know if you'd like me to comment more on any of these changes.

altheaden commented 6 months ago

@franklindyer I think you want to take out the changes in form.html and profile.html. You can also take out the password confirmation in settings.html, because I will update that with my form update branch.

franklindyer commented 6 months ago

@altheaden Done. But I'm going to leave the password confirmation in settings.html for now because it corresponds to a change on the backend, which also requires the password to make email changes. You can set it up however you want on your branch, and then discard my version when you have to resolve the merge conflict.