afuna: Cat under a blanket. Text: "Cats are just little people with Fur and Fangs" (Default)
afuna ([personal profile] afuna) wrote in [site community profile] changelog2010-02-16 03:10 pm
  • Add Memory
  • Share This Entry

[dw-free] remove insecure password reset option

[commit: http://hg.dwscoalition.org/dw-free/rev/9323f181bcb6]

http://bugs.dwscoalition.org/show_bug.cgi?id=2307

Remove documentation pointing to the (previously removed, currently
nonexistent) insecure password reset option.

Patch by [staff profile] denise.

Files modified:
  • cgi-bin/LJ/ConfCheck/General.pm
  • doc/raw/build/ljconfig/ljconfig2db.pl
--------------------------------------------------------------------------------
diff -r 32841e6285f5 -r 9323f181bcb6 cgi-bin/LJ/ConfCheck/General.pm
--- a/cgi-bin/LJ/ConfCheck/General.pm	Sun Feb 14 13:42:14 2010 +0000
+++ b/cgi-bin/LJ/ConfCheck/General.pm	Tue Feb 16 15:09:47 2010 +0000
@@ -815,7 +815,6 @@ my %bools = (
              "OPENID_STATELESS" => "Speak stateless OpenID.  Slower, but no local state needs to be kept.",
              "ONLY_USER_VHOSTS" => "Don't allow www.* journals at /users/ and /~ and /community/.  Only allow them on their own user virtual host domains.",
              "USERPIC_MOGILEFS" => "Store userpics on MogileFS.",
-             "SECURE_PASSWORD_RESET" => "If enabled, do not email passwords in the clear from lostinfo.bml.  Instead, email a reset request that requires the user to follow the link which then generates a new password for their account.",
              "USE_INNODB" => "Create new tables as InnoDB.",
              "CONCAT_RES" => "Instruct Perlbal to concatenate static files on non-SSL pages",
              "CONCAT_RES_SSL" => "Instruct Perlbal to concatenate static files on SSL pages",
diff -r 32841e6285f5 -r 9323f181bcb6 doc/raw/build/ljconfig/ljconfig2db.pl
--- a/doc/raw/build/ljconfig/ljconfig2db.pl	Sun Feb 14 13:42:14 2010 +0000
+++ b/doc/raw/build/ljconfig/ljconfig2db.pl	Tue Feb 16 15:09:47 2010 +0000
@@ -72,9 +72,6 @@ my %ljconfig =
             },
             'require_talkhash_notold' => {
                     'desc' => "If [ljconfig[require_talkhash]] is on, also make sure that the talkhash provided was issued in the past two hours.  Defaults to off.",
-            },
-            'secure_password_reset' => {
-                    'desc' => "If enabled, do not &email; passwords in the clear from <filename>lostinfo.bml</filename>. Instead, &email; a link that allows the user to reset their password. The link authorizes the user to use <filename>changepassword.bml</filename>, without an old password.",
             },
             'talk_abort_regexp' => {
                     'desc' => "Regular expression which, when matched on incoming comment bodies, kills the comment.",
--------------------------------------------------------------------------------
  • Add Memory
  • Share This Entry
(0 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.