github/reddit
1
1
Fork 0
mirror of https://github.com/reddit-archive/reddit.git synced 2026-01-25 06:48:01 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use HTTPS for password reset emails.

Browse Source
This commit is contained in:
Max Goodman
2013-11-21 15:18:23 -08:00
parent 1ed4ac3848
commit bf5350fbe8
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
r2/r2/lib/emailer.py
View File

@@ -99,7 +99,8 @@ def password_email(user):
raise ValueError("Somebody's beating the hell out of the password reset box")
token = PasswordResetToken._new(user)
passlink = 'http://' + g.domain + '/resetpassword/' + token._id
base = g.https_endpoint or g.origin
passlink = base + '/resetpassword/' + token._id
g.log.info("Generated password reset link: " + passlink)
_system_email(user.email,
PasswordReset(user=user,