Wait, the users password is part of the URL? What happens if the password contains a forward slash or a question mark? Wouldn't that break the whole endpoint?
Original author here. Upon inspection, these passwords are clearly not chosen by the user and, as far as I can tell, consist only of numbers and uppercase letters.
Original author here. Upon inspection, these passwords are clearly not chosen by the user and, as far as I can tell, consist only of numbers and uppercase letters.