simonpoole left a comment (openstreetmap/openstreetmap-website#7138)
> With the separate cookie store of a web login page embedded inside a native
> app, maybe that flag should be stored in a session cookie as well. Then
> User.new could actually respond with a 403 instead of still working.
No strong feelings on this. We know that googles review is happy when there is
no "visual" hint that you can sign up as that is what we've done for the last
two years (see
https://github.com/openstreetmap/openstreetmap-website/issues/5118#issuecomment-2318971261)
and I kind of want to keep changes to a minimum if at all possible. The
requirement is just that you can't signup from the app (not that you can't
signup at all :-)) and arguably manually crafting an URL and entering it in a
browser is not "in the app".
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7138#issuecomment-4656503504
You are receiving this because you are subscribed to this thread.
Message ID:
<openstreetmap/openstreetmap-website/pull/7138/[email protected]>
_______________________________________________
rails-dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/rails-dev
