Re: Firefox adding "Pr" to a hidden field?!
Re: Firefox adding "Pr" to a hidden field?!
- Subject: Re: Firefox adding "Pr" to a hidden field?!
- From: Miguel Arroz <email@hidden>
- Date: Thu, 12 Nov 2009 17:17:40 +0000
Hi!
Ok, I've found it!
With the help and info of a few other people, I was pointed to <https://bugzilla.mozilla.org/show_bug.cgi?id=489575
>.
Essentially, the problem happens on Leopard, with Parental controls
turned on, and Firefox. When Parental controls are on, the OS makes
all the requests go trough some local proxy to check for nude chicks
and stuff. For some very weird reason, when the request is done using
Firefox, the last two characters of the value of the last submitted
field on a form are replaced by "Pr"...
Apparently, this is fixed in Snow Leopard.
The solution, on server side, is to add a hidden dummy field at the
end of the form, so that parental controls may screw that value up
without any further consequences.
Nice one, Apple! :P
Yours
Miguel Arroz
On 2009/09/11, at 16:09, Mark Gowdy wrote:
Miguel,
I have also noticed this in our error logs, but it happens so
infrequently that I just ignored it (presumed it was a bot, or
something probing for a common security hole or something)
If you discover otherwise, please let us know.
Thanks,
Mark
On 11 Sep 2009, at 15:48, Miguel Arroz wrote:
Hi!
Just to make it clear, I am NOT able to reproduce this. I'm just
watching this on the live production servers and reading the logs.
So it may be something else masking as Firefox.
Yours
Miguel Arroz
On 2009/09/11, at 15:45, Miguel Arroz wrote:
Hi!
Has anyone had seen problems with requests that (theoretically)
come from the Firefox browser where the string "Pr" is added to a
hidden form field? I've seen this in the past, and I'm seeing it
now. It's causing my stuff to crash because that field is supposed
to have a number, so parseInt crashes. I'm getting stuff like
"12526795139Pr" where it should be "12526795139".
Yours
Miguel Arroz _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden