"Update my email", best way to prevent enumeration?
"Update my email" page has 2 fields: the new email and the current password.
I cannot find the correct way to protect against user enumeration if there’s an error on the email field:
if I silence the error users wont know if the… Continue reading "Update my email", best way to prevent enumeration?