Hi All,
This week we'll be rolling FxA train-32 to production, with the
following highlights:
On the Backend:
* We can now mark accounts as "locked out" as a security measure if
they have too many failed login attempts. It will be enabled in
log-only mode for this train so we can gather metrics on how often
it might trigger in practice.
* Many of our repos now have support for a Docker-based local
development flow, thanks to community contributions from Jamon.
Thanks Jamon!
On the Frontend:
* There's experimental support for suggesting email address corrections
in the sign-up flow, based on common domain-name typos. While
disabled by default, you can try it out by prepending "?mailcheck=1"
to the URL of the signup page.
* WebChannel OAuth reliers can now request relier-specific encryption
keys as part of the login flow.
* There's improved handling of translation strings, and some previously
overlooked strings are now properly translated.
* Several improvements to avatar display, uploads, and error-handling.
* Error pages are now allowed to be iframed, to improve experience for
reliers that want to iframe the OAuth dance.
* Quite a few bug fixes and improved test coverage.
There is a lot of good stuff on this train - thanks everyone for pushing
hard to get it out the door.
As always, you can dig into the details through the CHANGELOG files in
each individual repo:
https://github.com/mozilla/fxa-auth-server/blob/master/CHANGELOG
https://github.com/mozilla/fxa-auth-db-server/blob/master/CHANGELOG
https://github.com/mozilla/fxa-content-server/blob/master/CHANGELOG.md
Cheers,
Ryan
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct
