Date: Fri, 8 Apr 2005 23:34:02 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Alan Larson <larson@w6yx.stanford.edu> Cc: bugbusters@freebsd.org Subject: Re: random text in bug submission. Message-ID: <20050408203401.GA42151@gothmog.gr> In-Reply-To: <200504082027.j38KRbY1097490@w6yx.stanford.edu> References: <20050408083517.GF19136@submonkey.net> <200504082027.j38KRbY1097490@w6yx.stanford.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2005-04-08 13:27, Alan Larson <larson@w6yx.stanford.edu> wrote: >>On Thu, Apr 07, 2005 at 04:56:11PM -0700, Alan Larson wrote: >>> I entered the correct code, and it said it didn't match and >>> refused to take my bug submission. >>> >>> What an annoyance. >>> >>> It showed the same code as a previous report, but did not accept >>> the entry. >> >> I really don't understand this behaviour. The image is called as a >> volatile script (/cgi/sendpr-code.cgi?dummy) and sends no-cache >> headers in the HTTP response. There's no way that your browser >> should have shown you the same code again. What is it? >>> There really should be some "are you really a human" at that point -- >> >> What? > > What I meant was that the failure to match error page should give > another (presumably different) image to match so one could continue > the submit process without loss of the information that had just been > manually entered. > > Sort of a "second try". This is a denial of service waiting to happen. Unless, of course, there is a severely limited number of allowed retries; in which case we're back to solving the problem with having just one retry, and the caching misbehavior you're seeing.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050408203401.GA42151>