No anti-spamer filters are applied to the title and/or content of the bug

RESOLVED WONTFIX

Status

()

Bugzilla
Creating/Changing Bugs
--
enhancement
RESOLVED WONTFIX
14 years ago
12 years ago

People

(Reporter: Jose Antonio Coret, Assigned: myk)

Tracking

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (compatible; Konqueror/3.2; Linux) (KHTML, like Gecko)
Build Identifier: 

An spamer (or any other **** person) can insert propaganda in the title and/or content of 
bug. 
 
For example :  
 
Wins $20.00 clicking Here!!!! 
Buy viagra now only for $10.00!!! 
 

Reproducible: Always
Steps to Reproduce:
1.Login in Bugzilla. Click to enter a new bug 
2.In the summary and/or details fields insert, in example, the following text :  
 
Buy viagra now only for $10.00!!! 
 
 
 
Actual Results:  
The propaganda is happily inserted and, is too easy to create a simple robot to make it an 
automated process. 

Expected Results:  
Filter it and deny this practice and/or make any check to ensure that the "caller" is a human, 
not a robot. For example, by typing a text that is displayed in an image. 

I found the same bug in Mantis Bugtracker.
I really don't know if we'd want to do that.  That's the kind of thing that
would best be handled by fast acting folks getting the bugmail to disable the
offender's account.  One thing making that harder to do is you have to sign up
for an account before you can file a bug, and the email address they sign up
with has to work before they can get in (because it mails the password).

People have the same problems with comments on their blogs.                    
                                                                   
Group: webtools-security

Comment 2

14 years ago
Maybe a configurable parameter that will turn on/off a CAPTCHA test upon account
creation or/and comment posting?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: No anti-spamer filters are applied to the title and/or content of the Bug → No anti-spamer filters are applied to the title and/or content of the bug

Updated

12 years ago
QA Contact: mattyt-bugzilla → default-qa

Comment 3

12 years ago
mkanat and me both agree with justdave: we don't want that. I would hate having to type the text displayed in an image everytime I do some changes => WONTFIX.
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.