mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-21 12:05:07 +01:00
Avoid user enumeration with devise paranoid mode (#1527)
This commit is contained in:
parent
c9b9225951
commit
a85d4473aa
@ -74,7 +74,8 @@ Devise.setup do |config|
|
|||||||
# It will change confirmation, password recovery and other workflows
|
# It will change confirmation, password recovery and other workflows
|
||||||
# to behave the same regardless if the e-mail provided was right or wrong.
|
# to behave the same regardless if the e-mail provided was right or wrong.
|
||||||
# Does not affect registerable.
|
# Does not affect registerable.
|
||||||
# config.paranoid = true
|
# See : https://github.com/plataformatec/devise/wiki/How-To:-Using-paranoid-mode,-avoid-user-enumeration-on-registerable
|
||||||
|
config.paranoid = true
|
||||||
|
|
||||||
# By default Devise will store the user in session. You can skip storage for
|
# By default Devise will store the user in session. You can skip storage for
|
||||||
# particular strategies by setting this option.
|
# particular strategies by setting this option.
|
||||||
|
Loading…
Reference in New Issue
Block a user