sydent
sydent copied to clipboard
Sydent produces a strange validation URL via email when sending next_link to /requestToken
When sending the following request:
POST /_matrix/identity/api/v1/validate/email/requestToken
{
"client_secret": "bla",
"email": "[email protected]",
"send_attempt": 4,
"next_link": "whatever.com"
}
I end up with:
localhost:8090/_matrix/identity/api/v1/validate/email/submitToken?token=iYstSvVkJsWJzCyflAv1DERuvvZRZgfq&client_secret=bla&sid=1648700459&nextLink=blaaaxa.com%3Fsid%3D1648700459
in my email. Note the duplicated sid
entry.
This is also on the dinsic
branch. This doesn't seem to actually affect anything, as the redirect still works, but it's silly.