Isikyus·9 lat temu·discussThis leaks some information about the user's email address. If you suspect one of your users is (say) "[email protected]", you can email [email protected].Then, call notifyOnEmail({from: "[email protected]", to: "[email protected]"}) in every session on your site.If Jean happened to be logged in, you've just identified her.Spam filters would probably stop you brute-forcing the address of every visitor, but they might not help if you already have a good guess.Requiring user approval will stop most of this, although it won't block queries like "are [email protected] and [email protected] the same person?".
Then, call notifyOnEmail({from: "[email protected]", to: "[email protected]"}) in every session on your site.
If Jean happened to be logged in, you've just identified her.
Spam filters would probably stop you brute-forcing the address of every visitor, but they might not help if you already have a good guess.
Requiring user approval will stop most of this, although it won't block queries like "are [email protected] and [email protected] the same person?".