github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-05-21 22:36:05 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated password reset process not to indicate if email exists

Browse Source 
- Intended to prevent enumeration to check if a user exists.
- Updated messages on both the reqest-reset and set-password elements.
- Also updated notification auto-hide to be dynamic based upon the
amount of words within the notification.
- Added tests to cover.

For #2016
This commit is contained in:
Dan Brown
2020-04-10 13:38:08 +01:00
parent 053cbbd5b6
commit ba1be9d710
6 changed files with 63 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
resources/js/components/notification.js
View File

@ -28,7 +28,11 @@ class Notification {
this.elem.classList.add('showing');
}, 1);
if (this.autohide) setTimeout(this.hide.bind(this), 2000);
if (this.autohide) {
const words = textToShow.split(' ').length;
const timeToShow = Math.max(2000, 1000 + (250 * words));
setTimeout(this.hide.bind(this), timeToShow);
}
}
hide() {