On 9 December 2012 12:36, comopasta Gr <[email protected]> wrote: > Colin Law wrote in post #1088369: >> On 8 December 2012 23:00, comopasta Gr <[email protected]> wrote: >>> Hi, >>> >>> I have a site where I have noticed that a couple of times /#login is >>> added automatically to the end of the url by someone/something. >> >> What do you mean when you say it is added automatically to the end of >> the url? Where do you see it appear? Is it when you click a link in >> your app (in which case check the url in the source of the page >> containing the link) or does it just appear in the url bar of your >> browser as you are typing something, in which case it is just that at >> some point you have tried to visit that page and it is the type-ahead >> in the browser entering it. >> > Added automatically means that I would enter http://mydomain.com and hit > enter, then the url becomes http://mydomain.com/#login I have never > tried to visit that url, the normal url is http://mydomain.com/login
Do you have logging enabled in your app so that each request is shown? If so then what do you see in the log when you hit enter after entering mydomain.com? If not then enable it and see what happens. > > >>> That >>> displays a site called "Quizboard" and asks for a username and password >>> inside our page. The first part of the url is the domain of my app. >>> >>> That has happened at least 2 times and it is intermittent, normally it >>> ends up in the real application. >> >> What *exactly* has happened at least 2 times? > > What has happened exactly is that in the browser url I see > http://mydomain.com/#login but the contents of the page are not from my > app. It contains a site with a title "Quizboard" and two fields for > username and password. I would call it a phishing site but it does not > try to replicate our login UI. > >> >>> to cover any even weak reports by the tool. >> Is that relevant to the question? >> > Well maybe not. I had some XSS issues reported as weak by brakeman. But > I don't think those had anything to do with the issue. I have solved > those weak issues now. > >> Colin > > I have not seen the issue in last two days but on Friday (for 15 minutes > or so) typing http://mydomain.com/#login would end up not on our app but > on that strange page. Then it stopped. Right now (and pretty much > always) it goes correctly to our app. This has been seen by and another > person in a different country (and machine obviously). You said earlier that you had never typed mydomain.com/#login, now you say you spent 15 mins doing so. Can you let us know your domain name so we can try it? Colin -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
