Jump to:

21288 Posts in 5733 Topics by 2602 members

General Questions

SilverStripe Forums » General Questions » Please explain how this is not a security issue

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, swaiba, simon_w

Page: 1	Go to End
Author	Topic:	505 Views

brianmwaters

Community Member
5 Posts

Please explain how this is not a security issue

17 March 2011 at 11:19am

As I understand it, an attacker could easily send a request for /?flush=1 a few times a second, thereby overriding the sites caching mechanism, which could cause trouble on busy sites.
I'm aware that you're not supposed to post security issues here. However, I'm pretty confident that my understanding, as outlined above, is missing something.
Can someone fill me in on what I'm missing?
Martijn

Community Member
270 Posts

Re: Please explain how this is not a security issue

17 March 2011 at 12:35pm

This only works in Dev mode...

		505 Views
Page: 1	Go to Top

On to “The news!” - News via the ModelAdmin

Simon 'Sphere' Erkelens is a freelance developer, fulltime employee of We::Code in the Netherlands with a tertiary background in applied physics. Before that, Simon worked for Squal Media. He started using SilverStripe at the end of 2009. Simon has given multiple presentations on implementing...

Read on

Follow @SilverStripe

Quick links

Ask questions in our Forums

Learn all about our CMS

Download SilverStripe

Try SilverStripe yourself in our online demo

Get inspired. See our Community Showcase

Learn all about the SilverStripe Framework

See all the free support options we offer

Stay up to date with our SilverStripe Newsletter

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.

Privacy Policy