[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: Re: [gentoo-dev] Bugday reminder
From: Kalin KOZHUHAROV <kalin () thinrope ! net>
Date: 2006-03-31 7:56:55
Message-ID: 442CE0C7.8010706 () thinrope ! net
[Download RAW message or body]
Bjarke Istrup Pedersen wrote:
> Something interresting has happend since last, the new bugday site has
> gone into official beta, and can been seen on
> http://bugday.gentoo.org/bugdaytest . Please do some testing with it,
> and report any bugs you find back to me.
Bug #1:
Do *NOT* ask for Bugzilla credentials over plain HTTP!
Even if it is just beta testing, you are using real account information
and that is a very bad approach as far as security practices go.
Add SSL support (or fix it, 'cause https://bugday.gentoo.org/bugdaytest/
is a 404 and https://bugday.gentoo.org/ is plain bugs.gentoo org or is it?)
Bug #2:
Add an error page explaining what is wrong with a login attempt
If you try to login, you are just thrown back to the original URL (slightly
dressed up as http://bugday.gentoo.org/bugdaytest/bugday.php) without any
notice of a failed login attempt.
When Bug #1 gets fixed, I can further test.
Kalin.
--
|[ ~~~~~~~~~~~~~~~~~~~~~~ ]|
+-> http://ThinRope.net/ <-+
|[ ______________________ ]|
--
gentoo-dev@gentoo.org mailing list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic