Duccio Armenise
Now that you mention it, yes, definitely. Otherwise, a malicious user could set up an account and then assign it to another person, that then would receive notifications, newsletters, etc....
Fair enough! Everyone using this gem will eventually have to build something like this, though. How about a wiki entry with a short tutorial on the best practice to accomplish...
## Protect from open redirect vulnerability

How can the [open redirect vulnerability](https://blog.detectify.com/2019/05/16/the-real-impact-of-an-open-redirect/) be avoided? Probably, by making sure that [passwordless_query_redirect_path](https://github.com/mikker/passwordless/blob/484e05df011c3f588db880a85b070bb3808e7c43/app/controllers/passwordless/sessions_controller.rb#L75) cannot redirect to other websites. In the rare instance of...
## Allow the user to update their email address

It's currently not possible for users to update their email addresses. For any long-lived application, this is a required feature. With...
> I think that you call `authorize_resource` without the `Inquiry` loaded is not correct.

I agree! The point is that in case of a mistake like this one CanCanCan should...
Sorry, my bad, solved it adding that chown command to sudoers:

```
#/etc/sudoers
Cmnd_Alias CHMOD = /bin/chmod
# Passwordless sudo for deployer
deployer ALL=(ALL) NOPASSWD: CHMOD
```
Hello @alexreisner I'm loving this gem and, referencing your third bullet point, I need to use different APIs for different queries. In particular, I'd like to use LocationIQ for the...
I'd like to develop it if that's ok with you. In order to make it work I think that `refinerycms-blog` should somehow override the [Refinery::SiteBarHelper](https://github.com/refinery/refinerycms/blob/master/core/app/helpers/refinery/site_bar_helper.rb). Am I right?
Eh eh, thank you anyway! 👍 it will surely help someone else :)
Dunno if this can help, but I solved it simply adding `'data-disable-with': 'your disable message...' )` to the helper call, like this: ``` ``` And it worked! 🤷♂️ (V2, Rails...