paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-23 04:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

realm_reactivation: Use redirect-to-POST trick.

Browse Source 
Uses the approach done for email change confirmations in #34980 to avoid
triggering a reactivation via just a GET request. Instead, the GET
should return a page which will trigger the browser to then POST the key
to the endpoint.
This commit is contained in:
Mateusz Mandera
2025-07-17 02:30:18 +08:00
committed by Tim Abbott
parent 5b00cb6753
commit 4210ccc5db
4 changed files with 38 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
zproject/urls.py
View File

@@ -124,6 +124,7 @@ from zerver.views.realm import (
check_subdomain_available,
deactivate_realm,
realm_reactivation,
realm_reactivation_get,
update_realm,
update_realm_user_settings_defaults,
)
@@ -698,7 +699,8 @@ i18n_urls = [
path("new/", create_realm),
path("new/<creation_key>", create_realm, name="create_realm"),
# Realm reactivation
path("reactivate/<confirmation_key>", realm_reactivation, name="realm_reactivation"),
path("reactivate/", realm_reactivation, name="realm_reactivation"),
path("reactivate/<confirmation_key>", realm_reactivation_get, name="realm_reactivation_get"),
# Login/registration
path("register/", accounts_home, name="register"),
path("login/", login_page, {"template_name": "zerver/login.html"}, name="login_page"),