---
** [tickets:#7759] After resetting pwd and logging in, don't redir back to pwd
reset form**
**Status:** open
**Milestone:** forge-oct-17
**Created:** Fri Oct 10, 2014 06:40 PM UTC by Dave Brondsema
**Last Updated:** Fri Oct 10, 2014 06:40 PM UTC
**Owner:** nobody
If you use a forgotten password reset form, e.g. URL
/auth/forgotten_password/cc2ffdc2c20db368a1f3e4576159d9d2cc2c75b2 and change
your password, then you go to the login page and the login form has a hidden
`return_to` field set to
`/auth/forgotten_password/cc2ffdc2c20db368a1f3e4576159d9d2cc2c75b2` That is
not good, because then you'll end up going to that form again and get an error
because the hash is already used. There should be no return_to in this
situation.
---
Sent from sourceforge.net because [email protected] is subscribed to
https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
