Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add shared credential for DHL #713

Closed
wants to merge 1 commit into from
Closed

Conversation

BastianZim
Copy link
Contributor

Overall Checklist

for password-rules.json

  • The given rule isn't particularly standard and obvious for password managers
  • Generated passwords have been tested from this rule using the Password Rules Validation Tool
  • Information has been included about the website's requirements (eg. screenshots, error messages, steps during experimentation, etc.)
  • The PR isn't documenting something that would be a common practice among password managers (e.g. minimal length of 6)

for change-password-URLs.json

  • There is no Well-Known URL for Changing Passwords (https://example.com/.well-known/change-password)
  • The URL either makes the experience better or no worse than being directed to just the domain in a non-logged-in state

for shared-credentials.json

  • There's evidence the domains are currently related (SSL certificates, DNS entries, valid links between sites, legal documents etc.)
  • If using shared, the new group serves login pages on each of the included domains, and those login pages accept accounts from the others. (For example, we wouldn't use a shared association from google.co.il to google.com, because google.co.il redirects to accounts.google.com for sign in.)
  • If using from and to, the new group, the from domain(s) redirect to the to domain to log in.

for shared-credentials-historical.json

  • You believe that the domains were associated at some point in the past and can explain that relationship

DHL and Deutsche Post belong to the same company: https://www.dpdhl.com/en/investors.html

It is from to to based on my own tests. I could log into Deutsche Post with DHL but not the other way. Actually, Deutsche Post expects a 2FA token that was generated on DHL.

@dmmaslenn
Copy link
Collaborator

dhl.de doesn't redirect to deutschepost.de, and it seems like this is two completely different services.

@dmmaslenn dmmaslenn closed this Sep 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants