New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generated link to reset password uses insecure protocol #98
Comments
It would also be helpful if http://bioportal.bioontology.org redirected automatically to https. Thanks! |
Another related issue is the token never seems to expire (either after a certain amount of time or after being used once). I just clicked on the link that was generated over a week ago and was able to arbitrarily reset my password again. |
I entered a separate issue for this, as the code that generates the tokens lives in a different repository. See ncbo/ontologies_api#60. |
Yes, we agree. See relevant issues: |
Fixed with this commit: 78fa10a |
…el-features Fix: Disable attributes on update callbacks
Reported by an end user:
We're hard-coding the HTTP protocol in the reset_password method.
The text was updated successfully, but these errors were encountered: