Using Bugzilla to hide spam sites
wicked at etlicon.fi
Mon May 14 11:14:15 UTC 2007
On 14.05.2007 13:43, Gervase Markham wrote:
> I just had the below spam comment posted to my blog. It struck my eye
> because the URL is a Bugzilla attachment URL.
Yeah, I have seen this problem reported before. Bmo was just hit with
such attachment a while ago (which justdave deleted promptly) and there
was a bug opened about this issue. See
https://bugzilla.mozilla.org/show_bug.cgi?id=380489 for details.
> I'm not sure there's much we can do about this. The spammer obviously
That was my thought exactly. I'm not sure what can be done about this
issue short of preventing HTML attachments or start parsing and
stripping bad code from them before showing.
It does look like this problem is been exploited extensively. :(
"Anything is possible. It's all about probabilities."
More information about the developers