synapse-product/changelog.d/6074.feature
Andrew Morgan 7763dd3e95
Remove trailing slash ability from password reset's submit_token endpoint (#6074)
Remove trailing slash ability from the password reset submit_token endpoint. Since we provide the link in an email, and have never sent it with a trailing slash, there's no point for us to accept them on the endpoint.
2019-09-20 14:58:37 +01:00

1 line
79 B
Gherkin

Prevent password reset's submit_token endpoint from accepting trailing slashes.