4952: Implement known password change URL - Composr CMS feature tracker

ID	Project	Category	View Status	Date Submitted	Last Update

4952	Composr	core	public	2022-09-27 17:28	2022-10-06 00:01

Reporter	Chris Graham	Assigned To	Guest
Priority	normal	Severity	feature
Status	new	Resolution	open

Summary	4952: Implement known password change URL
Description	W3C has made a spec for specifying a known URL to change a user's password. It is designed to make it easier to do mass-password-changes after a user finds they are breached. https://w3c.github.io/webappsec-change-password-url/ Implement this as a simple redirect in recommended.htaccess. Update tut_webapp to reference the spec.
Tags	Type: Security, Type: Standards compliance
Attach Tags	(Separate by ",")

Time estimation (hours)	0.5
Sponsorship open

Date Added	Member	Amount Sponsored

View Status	Private (for security issues or disclosing of private information; if you submit as a guest, you will not be able to see your submission)
Note
Upload Files Maximum size: 32,768 KiB	Attach files by dragging & dropping, selecting or pasting them.
You are not logged in	You are not logged in. This means you will not get any e-mail notifications. And if you reply, we will not know for sure you are the original poster of the issue.

Date Modified	Username	Field
2022-09-27 17:28	Chris Graham	New Issue
2022-09-27 17:28	Chris Graham	Tag Attached: Type: Security
2022-09-27 17:28	Chris Graham	Tag Attached: Type: Standards compliance
2022-10-06 00:01	Chris Graham	Description Updated