ticket submit validation is broken for cnum
|Reported by:||Owned by:||Jonas Borgström|
spam bots tends to submit data from their own client instead of a browser, and he can forge any data for any fields, and it looks like trac ticket system just accept it and store in db. but how come the ticket system complaint about invalidate data in ticket?
raise InvalidTicket('Invalid comment threading identifier')
- validate data before submit
- when data corrupted/invalidated, trac should ignore it and/or fill a default data.
Change History (4)
comment:2 by , 13 years ago
|Status:||closed → reopened|
|Summary:||ticket submit validation → ticket submit validation is broken for cnum|