[BB-1053] registration: post validation via POST and not GET
Created by: dupainaulevain
What is being changed?
Post registration validation via POST and not GET
Why is it neeeded?
So that password & password_confirmation do not leak in server logs
Testing instructions
- make run.dev
- firefox http://localhost:5000/registration
- type the password and the password confirmation
- without this commit see the following line in the logs displayed by make run.dev and the password you just typed
06:55:16 web.1 | 192.168.160.1 - - [09/Mar/2019 06:55:16] "GET /api/v1/registration/register/validate/?accept_terms=false&footer_bg_color=%23ffffff&header_bg_color=%23ffffff&link_color=%23126f9a&main_color=%23126f9a&password=frobnitza&password_confirmation=frobnitza&subscribe_to_updates=false HTTP/1.1" 200 -
- with this commit see the following line in the logs displayed by make run.dev without the password you just typed
06:55:16 web.1 | 192.168.160.1 - - [09/Mar/2019 06:55:16] "POST /api/v1/registration/register/validate/ HTTP/1.1" 200 -