this post was submitted on 12 Aug 2024
993 points (99.5% liked)
Programmer Humor
19809 readers
289 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Not really the only reason. It would be better to just return "token invalid".
It could occur by someone messing with the URL from the reset password email, like accidently adding an extra character before pressing enter
Or a poor email client that wraps the URL and doesn't send the complete one when clicked.
Or someone attempting to find a weakness in the reset password system and sending junk as the token.
Or an email client where you double click the link text to select it and press copy, and somehow this puts the link plus a trailing space in the clipboard to be pasted into a browser.