diff options
author | Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> | 2019-09-20 10:46:59 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-20 10:46:59 +0100 |
commit | aeb40f355c8590855eeca05b49bfff2b91faa85b (patch) | |
tree | c2b0fa901f47dd6daa8bddb76601a4af4600d5e4 /synapse/api/auth.py | |
parent | Drop support for bind param on POST /account/3pid (MSC2290) (#6067) (diff) | |
download | synapse-aeb40f355c8590855eeca05b49bfff2b91faa85b.tar.xz |
Ensure email validation link parameters are URL-encoded (#6063)
The validation links sent via email had their query parameters inserted without any URL-encoding. Surprisingly this didn't seem to cause any issues, but if a user were to put a `/` in their client_secret it could lead to problems.
Diffstat (limited to 'synapse/api/auth.py')
0 files changed, 0 insertions, 0 deletions