Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Production deploy #2490

Merged
merged 6 commits into from
Nov 28, 2023
Merged

Production deploy #2490

merged 6 commits into from
Nov 28, 2023

Conversation

jessicamcinchak
Copy link
Member

No description provided.

ianjon3s and others added 6 commits November 27, 2023 09:20
* feat: Reposition and style help text button

* feat: Remove border radius from button
* fix: remove resume on browser refresh to avoid exposing sessionId

- Temporarily removing the feature which allows users to resume on browser refresh
- The implementation exposed the sessionId which has security implications
- Removed the code for the feature and accompanying test

* fix: on loading a magic resume link and reading sessionId remove it from the url

- Exposing the sessionId has security implications
- The sessionId and the user email are required to successfully resume their session
- Read the sessionId but then immediately remove it from the url.
- This means it's barely visible and not dispalyed for the rest of the session

* refactor: reinstate test but check sessionId isn't in url

- As per: https://github.com/theopensystemslab/planx-new/pull/2485/files/fcc4df227e74eb399d496b3bb14e69a1617f4512#r1406392300
- Reinstate the test as it can add value checking that the sessionId is *not* in the url after being input by user
@jessicamcinchak jessicamcinchak requested a review from a team November 28, 2023 15:57
@jessicamcinchak jessicamcinchak merged commit b024bc8 into production Nov 28, 2023
7 checks passed
Copy link

Removed vultr server and associated DNS entries

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants