Using Bugzilla to hide spam sites
julien.beti at free.fr
Mon May 14 11:20:18 UTC 2007
Checking the attachment content will be somehow very difficult to
implement, that's for sure. But as the user have to be logged in to
attach files, and my opinion is that perhaps the good idea is to
enforce the subscription process, either with randomly generated numbers
in human-only generated images, to prevent automatic account creation.
E-mail address checking process can be a good idea also. Maybe both ;)
On 14/05/07 13:14, Teemu Mannermaa wrote:
> On 14.05.2007 13:43, Gervase Markham wrote:
>> I just had the below spam comment posted to my blog. It struck my eye
>> because the URL is a Bugzilla attachment URL.
> Yeah, I have seen this problem reported before. Bmo was just hit with
> such attachment a while ago (which justdave deleted promptly) and there
> was a bug opened about this issue. See
> https://bugzilla.mozilla.org/show_bug.cgi?id=380489 for details.
>> I'm not sure there's much we can do about this. The spammer obviously
> That was my thought exactly. I'm not sure what can be done about this
> issue short of preventing HTML attachments or start parsing and
> stripping bad code from them before showing.
> It does look like this problem is been exploited extensively. :(
La route est longue, mais la voie est libre...
More information about the developers