From: Tom Hughes <tom@compton.nu>
Date: Mon, 15 Nov 2010 21:41:32 +0000 (+0000)
Subject: Protect against interception of confirmation emails
X-Git-Tag: live~6306^2~43
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/7f3d37867b7f35e6003f20803d3779a302c3f505?hp=7f3d37867b7f35e6003f20803d3779a302c3f505

Protect against interception of confirmation emails

When processing an account confirmation email don't automatically
log the user in unless their browser session has a token that
matches the same user. Closes #3337.
---