Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

Please explain how this is not a security issue

Go to End

2 Posts   1472 Views


Community Member, 5 Posts

17 March 2011 at 11:19am

As I understand it, an attacker could easily send a request for /?flush=1 a few times a second, thereby overriding the sites caching mechanism, which could cause trouble on busy sites.

I'm aware that you're not supposed to post security issues here. However, I'm pretty confident that my understanding, as outlined above, is missing something.

Can someone fill me in on what I'm missing?


Community Member, 271 Posts

17 March 2011 at 12:35pm

This only works in Dev mode...