Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some validation of existence of OUJS accounts for collaboration #1639

Merged
merged 1 commit into from
Jul 27, 2019
Merged

Some validation of existence of OUJS accounts for collaboration #1639

merged 1 commit into from
Jul 27, 2019

Conversation

Martii
Copy link
Member

@Martii Martii commented Jul 27, 2019

  • This has resurfaced with another Author misunderstanding collaboration and potentially opening up a security hole with their script being edited by others. So at least we can check to see if the account(s) currently exists. They are still responsible for any unauthorized edits if they type the incorrect existing username.
  • Also fixes a feature with unhandled casing... probably best to leave it exact unlike URLs to user homepages. Really don't need different casings floating around in these labels i.e. symmetry.

Post #285

@Martii
Some validation of existence of OUJS accounts for collaboration
259fe62 
* This has resurfaced with another Author misunderstanding collaboration and potentially opening up a security hole with their script being edited by others. So at least we can check to see if the account(s) currently exists. They are still responsible for any unauthorized edits if they type the incorrect existing username.
* Also fixes a feature with unhandled casing... probably best to leave it exact unlike URLs to user homepages. Really don't need different casings floating around in these labels i.e. symmetry.

Post OpenUserJS#285
@Martii Martii added bug You've guessed it... this means a bug is reported. enhancement Something we do have implemented already but needs improvement upon to the best of knowledge. security Usually relates to something critical. DB Pertains inclusively to the Database operations. CODE Some other Code related issue and it should clearly describe what it is affecting in a comment. labels Jul 27, 2019
@Martii Martii merged commit 38691df into OpenUserJS:master Jul 27, 2019
@Martii Martii deleted the validateCollaborationKeys branch July 27, 2019 11:11
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
bug You've guessed it... this means a bug is reported. CODE Some other Code related issue and it should clearly describe what it is affecting in a comment. DB Pertains inclusively to the Database operations. enhancement Something we do have implemented already but needs improvement upon to the best of knowledge. security Usually relates to something critical.
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Martii