
RE: [Steemplus API] [v1.0] [Bug-Report] DOS Vulnerability in the API caused by the SPP-Job by sachincool


Viewing a response to: @mwfiae/bug-report-dos-vulnerability-in-the-steemplus-api-caused-by-the-spp-job

· @sachincool ·
Hello @mwfiae,
This is a really good, extensively written report.
* The criticality is critical. It affects the resource monitoring majorly and can impact high unnecessary usage.
* You proposed a solution; even if it was discarded, it was a good initiative. You should try to inform the PO before starting on the fix that you're on it and get assigned to the issue. This resolves problems like 2 people working on the same project.
* Other solutions could be to filter requests based on the `origin` header.
The cronjob was the perfect solution. Thanks for including it in your report as well.

This report is very valuable and that's why I'll be staff-picking it from the Bug-hunting category.
Thank you for contributing to this project.

Your contribution has been evaluated according to [Utopian policies and guidelines](https://join.utopian.io/guidelines), as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, [click here](https://review.utopian.io/result/5/111211).

---- 
Need help? Write a ticket on https://support.utopian.io/. 
Chat with us on [Discord](https://discord.gg/uTyJkNm). 
[[utopian-moderator]](https://join.utopian.io/)
created: 2018-09-05 04:53:48
@mwfiae ·
Thank you very much for the review and the staff-pick! :) 

It's a shame that the pull-request wasn't merged because I mentioned it a few times... But I could have better used the GitHub features to make it clearer and will certainly pay more attention next time :)

Ultimately it was only a few lines of code, so hopefully it didn't cost stoodkev too much time to reimplement it.

Also thank you for your valuable feedback! I need to make sure to read more about the origin header :) 

Greetings,
Mw
created: 2018-09-05 08:54:36
@utopian-io ·
Thank you for your review, @sachincool!

So far this week you've reviewed 1 contribution. Keep up the good work!
created: 2018-09-08 21:46:39