On Wed, Oct 21, 2009 at 12:36 PM, Glenn McGurrin <glennmcgurr...@gmail.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Looking back through my email I noticed this and I saw a potential > security issue, if it only needs my profile url could anyone who knew > that sign my up to follow them when they are not logged in. For > instance make a bot that would subscribe a lot of users to them for > spamming purposes? On a different note I am not sure I am sending all > of the right headers in my emails or if I am sending to many, is it > correct to be sending both a reply-to header and a followup-to header? > The followup-to header seems to be a recent addition to my client and so > I don't know what the accepted standard is for using it.
Hi Glenn Have a try and see. Log out of your own account, and see if you can somehow get statusnet to subscribe you to someone. you'll see that you can't. _______________________________________________ StatusNet-dev mailing list StatusNet-dev@lists.status.net http://lists.status.net/mailman/listinfo/statusnet-dev
