New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How does Devise confirmation deals with automatic clicks? #5624

Open

collimarco opened this issue Sep 1, 2023 · 1 comment

collimarco commented Sep 1, 2023

I just realized that some spam checkers follow the links in the emails automatically:

https://news.ycombinator.com/item?id=28240279

Does Devise implement any form of protection from this automatic clicks?

It seems that Devise is using a normal GET request to confirm the accounts and this may confirm people that didn't click the link.

Member

carlosantoniodasilva commented Sep 1, 2023 •

edited

Not at the moment, but I have thought about implementing an intermediate step to confirmation and sort of bypass that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment