mirror of
https://github.com/fleetdm/fleet
synced 2026-05-23 08:58:41 +00:00
32143284f6
For #26976. <img width="384" alt="image" src="https://github.com/user-attachments/assets/8d057ec2-c3b0-45d1-bb8c-9745b426e27d" /> An example of such a browser would be an email link scanner, so this *should* fix cases where link-scanning was redeeming the MFA link before the intended user could get to it. Real users can still click through if they wind up on this page, e.g. if they logged in with a different browser than the one used to open the MFA link. Users redeeming MFA with the same browser that initiated the login skp the button and redeem/land on the dashboard automatically. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Rachael Shaw <r@rachael.wtf>
1 line
84 B
Text
1 line
84 B
Text
* Fixed an issue where link protection services would prematurely redeem MFA links.
|