Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Possible Bugs
#1

  1. Text in General Information / Phone Number field
  2. General Information / Phone Number field does not have enough characters for normal phone number syntax. ie, it'll take 4252931234, but not (425) 293-1234
  3. 404 gives way too much information for OOG hacking (Try: http://beta.spitelarp.com/bank/create_character)
  4. Player notes does not strip out HTML (see attached)


Attached Files Thumbnail(s)
   
William Myers aka Cossak Symon Jenkins
Reply
#2
1-2) I'll put tightening up the restrictions on that field and letting formatting through on the list, along with the email address field.
3) A list of URLs that resolve on the site isn't exactly secret information, but I take your point that a public-facing site probably shouldn't have "Debug" turned on, even if it's only the test instance, in case there's secret information there later on. This'll be updated the next time we push to beta (perhaps next Monday), so get all your OOG data collecting in before then. Wink
4) That's a bug in the javascript that displays it rather than a security concern, since refreshing the page has it correct (and you can already execute arbitrary javascript in your own browser). That will also be fixed when we next push.

Thanks!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)