nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Reformulate CSRF e-mail

Browse source 
closes #7241
This commit is contained in:
Flaburgan 2016-12-07 12:41:14 +01:00 committed by Benjamin Neff
parent 6c37171f9f
commit f785de7484
2 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Changelog.md
View file

@ -12,7 +12,7 @@
* Only require AWS-module for fog [#7201](https://github.com/diaspora/diaspora/pull/7201) * Only require AWS-module for fog [#7201](https://github.com/diaspora/diaspora/pull/7201)
* Only show community spotlight links on the contacts page if community spotlight is enabled [#7213](https://github.com/diaspora/diaspora/pull/7213) * Only show community spotlight links on the contacts page if community spotlight is enabled [#7213](https://github.com/diaspora/diaspora/pull/7213)
* Require spec\_helper in .rspec [#7223](https://github.com/diaspora/diaspora/pull/7223) * Require spec\_helper in .rspec [#7223](https://github.com/diaspora/diaspora/pull/7223)
* Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238) * Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238) [#7241](https://github.com/diaspora/diaspora/pull/7241)
## Bug fixes ## Bug fixes
* Fix fetching comments after fetching likes [#7167](https://github.com/diaspora/diaspora/pull/7167) * Fix fetching comments after fetching likes [#7167](https://github.com/diaspora/diaspora/pull/7167)

8
config/locales/diaspora/en.yml
View file

@ -707,9 +707,11 @@ en:
body: |- body: |-
Hello %{name}, Hello %{name},
diaspora* has detected an attempt to access your session which might be unauthorised. This might be completely innocent, but it could be a cross-site request forgery (CSRF). To avoid any chance of your data being compromised, you have been signed out. diaspora* has detected an attempt to access your session which might be unauthorised. To avoid any chance of your data being compromised, you have been signed out. Dont worry; you can safely sign in again now.
A request made using a incorrect or missing CSRF token can be caused by: A request has been made using a incorrect or missing CSRF token. This might be completely innocent, but it could be a cross-site request forgery (CSRF) attack.
This could have been caused by:
- An add-on manipulating the request or making requests without the token; - An add-on manipulating the request or making requests without the token;
- A tab left open from a past session; - A tab left open from a past session;
@ -719,8 +721,6 @@ en:
For more information on CSRF see [%{link}](%{link}). For more information on CSRF see [%{link}](%{link}).
Dont worry; you can safely sign in again now.
If you see this message repeatedly, please check the points above, including any browser add-ons. If you see this message repeatedly, please check the points above, including any browser add-ons.
Thank you, Thank you,