Problem statement
We want to know how the feature flags "magic_link_redeem_on_post’’ and disable_magic_link_auto_form_submission
work.
Solution
The magic_link_redeem_on_post
flag determines if the email verification link marks the email as verified on a GET or POST request. When the flag is false, a GET request to the link marks the email as verified.
When the flag is set to true (default), you need to perform a POST request. With the flag on, when users click on the email verification link, they are taken to a page with a form that has 1 button - which they can click to finish the verification process – this makes the required POST request.
To reduce work for end users, we auto-submit this form with javascript. Some email scanners might be scanning pages with javascript enabled so the form might still be auto-submitting. We have another flag disable_magic_link_auto_form_submission
(false by default) which disables this auto-submit behavior. Instead, if this second flag is enabled, users will see the form mentioned above and have to click on the button manually once the page is loaded to finish the verification process.