mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-01-30 02:28:24 +00:00
Code Issues Projects Releases Wiki Activity
wallabag/tests/Wallabag
History
Kevin Decherf aa06e8328e ConfigController: remove 2fa cancel step 
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
..
AnnotationBundle Replace Client by KernelBrowser 2023-08-08 02:55:35 +01:00
ApiBundle Replace GET way to POST way to delete API client 2023-08-09 21:54:40 +02:00
CoreBundle ConfigController: remove 2fa cancel step 2023-09-30 00:49:58 +02:00
ImportBundle Upgrade to Symfony 4.4 2022-11-29 18:01:46 -08:00
UserBundle Make Crawler::extract get an array 2023-08-07 22:51:18 +01:00