Very interesting security flaw... I figured out how I double posted...
If you post, then click the back button and then the forward button it posts again. I did it on my forum - that's how I figured out how I double posted. It bypasses the flooding control and you could potentially flood a forum.
Eh, one for the Snitz developers (if snitz is still in development).
Very interesting security flaw... I figured out how I double posted...
If you post, then click the back button and then the forward button it posts again. I did it on my forum - that's how I figured out how I double posted. It bypasses the flooding control and you could potentially flood a forum.
Eh, one for the Snitz developers (if snitz is still in development).
How is that a security flaw in the Snitz code ? your two posts were 17 mins apart, the flood control does not last that long. what you did is exactly what I would expect to happen given what you did. How long would you suggest we set the flood limit for ?
Is flood control enabled on your sandbox forum? I tested on all three of my test forums and wasn't able to post while under the flood limit.
Bill Parrott Senior Web Programmer, University of Kansas Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com) Personal Website (www.chimericdream.com)
Topic Locked
Posted - 31 March 2008 : 15:25:37
