Colin Law wrote in post #1088369:
> On 8 December 2012 23:00, comopasta Gr <li...@ruby-forum.com> wrote:
>> Hi,
>>
>> I have a site where I have noticed that a couple of times /#login is
>> added automatically to the end of the url by someone/something.
>
> What do you mean when you say it is added automatically to the end of
> the url? Where do you see it appear? Is it when you click a link in
> your app (in which case check the url in the source of the page
> containing the link) or does it just appear in the url bar of your
> browser as you are typing something, in which case it is just that at
> some point you have tried to visit that page and it is the type-ahead
> in the browser entering it.
>

Added automatically means that I would enter http://mydomain.com and hit enter, then the url becomes http://mydomain.com/#login. I have never tried to visit that url; the normal url is http://mydomain.com/login

>> That
>> displays a site called "Quizboard" and asks for a username and password
>> inside our page. The first part of the url is the domain of my app.
>>
>> That has happened at least 2 times and it is intermittent, normally it
>> ends up in the real application.
>
> What *exactly* has happened at least 2 times?

What has happened exactly is that in the browser url I see http://mydomain.com/#login but the contents of the page are not from my app. It contains a site with a title "Quizboard" and two fields for username and password. I would call it a phishing site, but it does not try to replicate our login UI.

>
>> to cover any even weak reports by the tool.
> Is that relevant to the question?
>

Well, maybe not. I had some XSS issues reported as weak by brakeman, but I don't think those had anything to do with the issue. I have solved those weak issues now.

> Colin

I have not seen the issue in the last two days, but on Friday (for 15 minutes or so) typing http://mydomain.com/#login would end up not on our app but on that strange page. Then it stopped. Right now (and pretty much always) it goes correctly to our app. This has been seen by another person in a different country (and on a different machine, obviously).

Thanks Colin.

--
Posted via http://www.ruby-forum.com/.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.