liberapay.com
liberapay.com copied to clipboard
liberapay
Source code of the recurrent donations platform Liberapay
Removing an email address from Liberapay's blacklist is currently done manually. In order to automate it, we need software that receives emails and authenticates them with [DKIM](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) (or at least...
# Synopsis This PR implements rudimentary support for Time-Based One-Time Password (TOTP) Two-Factor Authentication (2FA) that is compatible with apps such as Google Authenticator, FreeOTP and KeePass. # Rationale Using...
Earlier this month, Stripe's developer newsletter mentioned improvements in the detection and thwarting of card testers: > Prevent card testing attacks > > [Card testing](https://stripe.com/docs/disputes/prevention/card-testing) is a massive challenge for...
Report: https://hackerone.com/reports/87531 Simply copying [Gratipay's solution](https://github.com/gratipay/gratipay.com/commit/b4dc7eff5d141c9949aa959fe2598dab22621d76) won't be enough, because it doesn't entirely fix the problem: you can avoid the throttling by deleting and re-adding the address. (cc @whit537) Also,...
Instead of having to send a verification message to an email address, applications like Liberapay could theoretically use a standard API to redirect the user to the email provider's website...
The traditional method of verifying an email address is to send a message to it. The problem is that this is easily abused by inputting someone else's email address. Originally...
As machine translations have gotten better and more widely used, including to translate the Liberapay website itself, it would make sense to start using them for user-generated content as well....
# Motivation Last year I pledged to support some organization, and put in a very large down payment that covered my pledge years in advance. Recently I wanted to upgrade...
A website by the name of Ko-Fi has this feature where if a person buys a coffee, the signal gets sent back to the website and shows an alert in...
>The user agrees not to use the service for financial transactions that are not donations, notably those linked to the execution of a contract or a promise of recompense. from...
