1 |
Bjarke Istrup Pedersen wrote: |
2 |
|
3 |
> Something interresting has happend since last, the new bugday site has |
4 |
> gone into official beta, and can been seen on |
5 |
> http://bugday.gentoo.org/bugdaytest . Please do some testing with it, |
6 |
> and report any bugs you find back to me. |
7 |
|
8 |
Bug #1: |
9 |
Do *NOT* ask for Bugzilla credentials over plain HTTP! |
10 |
|
11 |
Even if it is just beta testing, you are using real account information |
12 |
and that is a very bad approach as far as security practices go. |
13 |
|
14 |
Add SSL support (or fix it, 'cause https://bugday.gentoo.org/bugdaytest/ |
15 |
is a 404 and https://bugday.gentoo.org/ is plain bugs.gentoo org or is it?) |
16 |
|
17 |
Bug #2: |
18 |
Add an error page explaining what is wrong with a login attempt |
19 |
|
20 |
If you try to login, you are just thrown back to the original URL (slightly |
21 |
dressed up as http://bugday.gentoo.org/bugdaytest/bugday.php) without any |
22 |
notice of a failed login attempt. |
23 |
|
24 |
When Bug #1 gets fixed, I can further test. |
25 |
|
26 |
Kalin. |
27 |
|
28 |
-- |
29 |
|[ ~~~~~~~~~~~~~~~~~~~~~~ ]| |
30 |
+-> http://ThinRope.net/ <-+ |
31 |
|[ ______________________ ]| |
32 |
|
33 |
-- |
34 |
gentoo-dev@g.o mailing list |