[LRUG] Exception notifier and bots
Matthew Rudy Jacobs
matthewrudyjacobs at gmail.com
Thu Jul 31 06:44:46 PDT 2008
don't know if that's true Tom.
We get quite a few errors from bots trying to inject random stuff.
So they pump in params that don't exist, and we barf on them.
Don;t think we should explicitly be .slice-ing all incoming params just to
avoid this circumstance.
Particularly in #create calls.
Always try to avoid setter methods like this;
class Post < ActiveRecord::Base
def name=(value)
self.connection.execute("DROP DATABASE my_production_db")
self[:name] = value
end
end
Because Post.new(:name => "Matthew") will really mess you up!
2008/7/31 Tom Stuart <tom at experthuman.com>
> On 31 Jul 2008, at 11:16, Andrea (Q) wrote:
>
>> everyday i receive a lot of exceptions but the most of are from bot, there
>> is a way to manage that situation?
>>
>
> I know it's not a very helpful thing to say, but: don't you want to fix
> whatever problem is causing these exceptions, rather than just ignoring
> them? Presumably any exception encountered by a bot could just as easily be
> encountered by a user?
>
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20080731/8b8cb833/attachment.html>
More information about the Chat
mailing list