[buddypress-trac] [BuddyPress Trac] #9301: Template notice not displayed for logged-out users when clicking on email unsubscribe link
buddypress-trac
noreply at wordpress.org
Thu Aug 28 18:00:10 UTC 2025
#9301: Template notice not displayed for logged-out users when clicking on email
unsubscribe link
--------------------------+------------------------------
Reporter: r-a-y | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Emails | Version:
Severity: normal | Resolution:
Keywords: dev-feedback |
--------------------------+------------------------------
Comment (by dcavins):
Hi @r-a-y, thanks for posting this issue. Yes, that change was made in
response to a security change request. The issue was one of those "an
unauthenticated user can cause content to be displayed on the screen"
issues that get reported a lot these days.
Honestly, we didn't realize that the template messages were ever used for
anonymous users, so thanks for pointing out that situation.
The best answer is probably to not rely on cookie data for messages. Do
you have any memory when that cookie data would actually be used? Maybe
because the user was redirected through the login process or similar and
we needed a cheap way to store something specific to the individual
temporarily?
Thanks!
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/9301#comment:3>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list