HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Search
-
Spam loophole in Articles?
It looks like there is some kind of a spam loophole that lets people without accounts post comments on articles. We do not have an issue with spam on our core Vanilla forums: http://www.crushlivepoker.com/forums/article/2015/trip-report-potawatomi http://www.crushlivepoker.com/forums/article/2015/can-t-win-them-all The… -
Re: Spam loophole in Articles?
Just made some changes to the code that should patch up the spam loophole in the ComposeController->Comment() method. @khalwat, thank you for trying out Articles. I'll be releasing v1.1.0 later this week. This fix should stop the spam comments caused by this loophole and I hope you would give Articles another try soon. -
Re: Spam loophole in Articles?
It looks like you found a bug that I'll fix by adding in another conditional in ComposeController->Comment() that will check if there is no user session and if the guest commenting config setting is disabled to disallow spam post submission from continuing. @hgtonight added in some code to check for spam in comments, but… -
Re: Spam loophole in Articles?
4 results