11
usr--2ndry
221d

Mail from Microsoft: sign in to see payment details.
User clicks on the link (once).

Microsoft:

Sign in to continue to Microsoft

Something went wrong and we can't sign you in right now. Please try again later.

The Microsoft account login server has detected too many repeated authentication attempts. Please wait a moment and try again.

Comments
  • 1
    You are your own worst enemy
  • 0
    you pay microsoft?
  • 2
    One guess: it is possible that your email client renders a link preview (either by default or on hover)

    That causes a request to the link - which ”wastes” it’s one time usage
  • 0
    @jiraTicket never thought of that, but it sounds plausible. Maybe those links are only supposed to work in Outlook mail
  • 2
    @usr--2ndry Nah, it's unthinkable that the links are designed for a specific email client. A link is a link.

    It's just that some programs will notice when a link is rendered and try to render the page title for that link - and that causes a request to be sent to the page.

    Other email clients do this too.

    And it's also done if you paste a link on facebook - they will make a request to that link to fetch it's image. If you write a link in google docs and hover over it - it'll render the page.

    So essentially "one time usage only"-links can be screwed by many programs.
  • 0
    @jiraTicket So essentially, one-time-usage-only-links should not exist for so many reasons, but most importantly they violate the Principle of Idempotence that should apply to all GET actions on the web.
Add Comment