1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 01:32:42 +01:00
phorge-phorge/src/applications
epriestley a15f07cc33 Allow Phabricator to be configured to use a public Reply-To address
Summary:
We already support this (and Facebook uses it) but it is difficult to configure
and you have to write a bunch of code. Instead, provide a simple flag.

See the documentation changes for details, but when this flag is enabled we send
one email with a reply-to like "D2+public+23hf91fh19fh@phabricator.example.com".
Anyone can reply to this, and we figure out who they are based on their "From"
address instead of a unique hash. This is less secure, but a reasonable tradeoff
in many cases.

This also has the advantage over a naive implementation of at least doing object
hash validation.

@jungejason: I don't think this affects Facebook's implementation but this is an
area where we've had problems in the past, so watch out for it when you deploy.
Also note that you must set "metamta.public-replies" to true since Maniphest now
looks for that key specifically before going into public reply mode; it no
longer just tests for a public reply address being generateable (since it can
always generate one now).

Test Plan:
Swapped my local install in and out of public reply mode and commented on
objects. Got expected email behavior. Replied to public and private email
addresses.

Attacked public addresses by using them when the install was configured to
disallow them and by altering the hash and the from address. All this stuff was
rejected.

Reviewed By: jungejason
Reviewers: moskov, jungejason, tuomaspelkonen, aran
CC: aran, epriestley, moskov, jungejason
Differential Revision: 563
2011-07-03 12:31:00 -07:00
..
auth Revise administrative workflow for user creation 2011-05-31 13:06:32 -07:00
base Use DatabaseConfigurationProvider to get DB info 2011-06-13 14:59:28 -07:00
conduit Use authoritative user identity for revision author 2011-06-30 14:03:43 -07:00
countdown Make "Countdown" aware of time locales 2011-06-26 11:53:34 -07:00
daemon Use the proc-error-aware signaling check for daemons from the CLI 2011-06-27 15:01:07 -07:00
differential Allow Phabricator to be configured to use a public Reply-To address 2011-07-03 12:31:00 -07:00
diffusion Add timezone support 2011-06-18 13:07:43 -07:00
directory Use Javelin workflow on directory item deletion 2011-05-28 11:57:31 -07:00
draft/storage Revision comment drafts. 2011-02-05 16:57:21 -08:00
files Allow affiliations to carry project ownership information; transform profile 2011-06-28 06:40:41 -07:00
help/controller Provide basic structure for keyboard shortcuts 2011-06-07 11:23:19 -07:00
herald Project list and profile view modifications 2011-06-20 16:13:44 -03:00
maniphest Allow Phabricator to be configured to use a public Reply-To address 2011-07-03 12:31:00 -07:00
metamta Allow Phabricator to be configured to use a public Reply-To address 2011-07-03 12:31:00 -07:00
owners Removing reordering code that wasn't needed 2011-04-20 17:07:46 -07:00
paste Paste sucks when lines are too long. 2011-06-16 20:42:02 -04:00
people Fixed more typos (via GitHub) 2011-06-29 10:01:06 -07:00
phid Handle the case when a repository was deleted 2011-07-01 19:10:47 -07:00
preferences/controller Add missing includes from XHPAST parse bug. 2011-04-06 23:14:58 -07:00
project Allow affiliations to carry project ownership information; transform profile 2011-06-28 06:40:41 -07:00
repository Improve search result listing 2011-06-29 13:25:38 -07:00
search Allow Maniphest filtering by "upforgrabs" explicitly 2011-06-29 13:59:45 -07:00
status/base Add /status/ 2011-04-08 11:13:51 -07:00
typeahead/controller Allow Maniphest filtering by "upforgrabs" explicitly 2011-06-29 13:59:45 -07:00
uiexample Add missing includes from XHPAST parse bug. 2011-04-06 23:14:58 -07:00
xhpastview Add missing includes from XHPAST parse bug. 2011-04-06 23:14:58 -07:00
xhprof Lint fluff. 2011-02-06 12:58:01 -08:00