Thanks for pointing that out! Maybe we can improve on that, even if we keep it as a non-goal.
Right away, a partial mitigation for current versions of Portier is to modify the `email_*.mustache` templates to remove the link. But a second piece of information Portier leaks is simply which sites you're logging into. That's right in the subject for Portier, and not something you can customize for current versions.
I think it's worthy to try and harden against this type of attack, but I'm worried the effect is limited. There's often nothing stopping someone from simply starting the login process / creating a new session, so an attacker just has to know where, and there are a bunch of ways to find out.