diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2013-06-06 22:46:30 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2013-06-06 22:46:30 +0200 |
commit | a905395d7fd7dce12a8f51b68aaeede0959480b6 (patch) | |
tree | 689eaf2d1f1b10c62c70d815fd1baf51496818d0 /template/en/default/account | |
parent | bb45718c677f941ef0ec214cf87ce6bb85f0fa4e (diff) | |
download | bugzilla-a905395d7fd7dce12a8f51b68aaeede0959480b6.tar.gz bugzilla-a905395d7fd7dce12a8f51b68aaeede0959480b6.tar.xz |
Bug 878035: Do not disclose whether a user account exists or not when a user clicks "forgot password"
r=dkl a=LpSolit
Diffstat (limited to 'template/en/default/account')
-rw-r--r-- | template/en/default/account/password/forgotten-password.txt.tmpl | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/template/en/default/account/password/forgotten-password.txt.tmpl b/template/en/default/account/password/forgotten-password.txt.tmpl index 0c135a9ed..de2e79596 100644 --- a/template/en/default/account/password/forgotten-password.txt.tmpl +++ b/template/en/default/account/password/forgotten-password.txt.tmpl @@ -12,7 +12,9 @@ Subject: [% terms.Bugzilla %] Change Password Request X-Bugzilla-Type: admin You have (or someone impersonating you has) requested to change your -[%+ terms.Bugzilla %] password. To complete the change, visit the following link: +[%+ terms.Bugzilla %] password. The request originated from [% ip_addr %]. + +To complete the change, visit the following link: [%+ urlbase %]token.cgi?t=[% token FILTER uri %]&a=cfmpw @@ -24,3 +26,7 @@ this request, visit the following link: If you do nothing, the request will lapse after [% constants.MAX_TOKEN_AGE %] days (on [% expiration_ts FILTER time("%B %e, %Y at %H:%M %Z", timezone) %]) or when you log in successfully. + +If you think someone tried to compromise your account, please inform +[%+ Param('maintainer') %] with the IP address reported above +and the exact time when you got this email. |