launchpad-dev team mailing list archive

Thread
Date

Re: Fwd: [Fwd: Quickly and Launchpad]

To: William Grant <wgrant@xxxxxxxxxx>
From: Robert Collins <robert.collins@xxxxxxxxxxxxx>
Date: Fri, 25 Jun 2010 21:54:41 +1000
Cc: Didier Roche <didrocks@xxxxxxxxxx>, Launchpad Community Development Team <launchpad-dev@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <1277447661.2476.5.camel@magrathea.qeuni.net>
Sender: robertc@xxxxxxxxxxxxxxxxx

I like the idea of sending emails when important account settings are
changed: it helps with:
 - cross site attacks
 - apis that permit changing such settings
 - screen scraping via embedded browser instances

and possibly more.

Its also nonintrusive and straightforward, and we could include a
confirmation token in the email people get sent too, if we felt thats
needed.

That is:
LP.me.addSSHKey(...)
-> email sent
<-202 ACCEPTED (please check your email and confirm via the token link in it)
Quickly shows the user 'please check email'
User clicks in the email, ssh key is enabled / disabled.

-Rob

Follow ups

Re: Fwd: [Fwd: Quickly and Launchpad]
From: Martin Pool, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: Didier Roche, 2010-06-25

References

Fwd: [Fwd: Quickly and Launchpad]
From: Jonathan Lange, 2010-06-24
Re: Fwd: [Fwd: Quickly and Launchpad]
From: Martin Pool, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: Martin Pool, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: Didier Roche, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: William Grant, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: Didier Roche, 2010-06-25
Re: Fwd: [Fwd: Quickly and Launchpad]
From: William Grant, 2010-06-25