#1926: GET requests on target URLs of POST forms should be refused
----------------------+-----------------------
Reporter: pitrou | Owner:
Type: undecided | Status: new
Priority: minor | Milestone: undecided
Version: 0.8.3 | Keywords:
----------------------+-----------------------
At python.org we started having log entries like the following:
{{{
X.Y.Z.W - - [11/Apr/2011:11:44:10 +0200] "GET
/dev/buildbot/all/builders/x86%20debian%20parallel%203.x/builds/1940/rebuild
HTTP/1.1" 302 278 "http://www.python.org/dev/buildbot/all/builders/x86
debian parallel 3.x/builds/1940" "WebReaper [[email protected]]"
}}}
This triggered lots of spurious rebuilds. Since the "rebuild" form
normally uses the POST method, it means the above bot/crawler is ill-
behaved. Refusing GET requests on the rebuild URL (and other ones) would
easily defend against such crawlers, and prevent rebuilds from polluting
the build history.
--
Ticket URL: <http://trac.buildbot.net/ticket/1926>
Buildbot <http://buildbot.net/>
Buildbot: build/test automation
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Buildbot-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/buildbot-commits
