Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.5.x
Gremmie
Former Moderator in Good Standing



Posted: Fri Jan 05, 2007 7:39 pm

I had a new user try to post some html to the forums and got blocked for abuse.

Here is a link to part of the abuse report from Sentinel.

You'll probably have to save it to a file to see it all because it's all run together on a couple of lines.

There is just "a" and "img" tags in there.... no script tags or anything.
 
kguske
Site Admin



Posted: Fri Jan 05, 2007 9:42 pm

It's usually a reserved word that's part of another word, but I didn't see anything other than object inside a tag that might have set it off.

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
montego
Site Admin



Posted: Sat Jan 06, 2007 8:25 am

I am thinking it might be this line here under the $_POST section of that blocker code:

(eregi("<[^>]*object*\"?[^>]*", $secvalue)) ||

and the line containing "WebObjects" (in the href) might have tripped it.

While I know the prefix part of this regex would "trip", I need to analyze the suffix part to understand exactly what it is doing... but right now, I suspect that is it.

_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... 
Gremmie







Posted: Sat Jan 06, 2007 10:15 am

If that is it, you might want to tighten that up a bit. Maybe

Code:


eregi("<[[:space:]]*ob~ject.*>", $secvalue)


I think I got that right. In any event, I'm trying to say:

< followed by 0 or more spaces, followed by ob~ject, and then any old junk up until a >.

The way you have it now is "a <, then anything but a > 0 or more times, then ob~jec followed by t 0 or more times, etc". I can see how that matched WebObjects.

(I had to mangle ob~ject to get it through sentinel here :) )
 
montego







Posted: Sat Jan 06, 2007 10:51 am

I follow that, but I am not the developer. Personally, I wonder about the others too. I'll PM Bob to take a look at this and get his expert opinion.

Thanks Gremmie!
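
The false positive discussed in this thread, reproduced as an added example (not code from NukeSentinel or from the posters). Both patterns are ported from eregi(), which PHP 7 removed, to preg_match() with the /i flag; "ob~ject" is un-mangled, and the sample inputs are constructed.

```php
<?php
// Pattern quoted by montego from the $_POST section of the blocker code
// (the \" in the PHP double-quoted string is a literal " in the regex).
const ORIGINAL = '/<[^>]*object*"?[^>]*/i';

// Gremmie's suggested replacement, with "ob~ject" un-mangled.
const TIGHTENED = '/<[[:space:]]*object.*>/i';

// Constructed sample inputs; URLs and file names are placeholders.
$samples = [
    'link with WebObjects in href' => '<a href="http://store.example.com/WebObjects/item">shop</a>',
    'plain image tag'              => '<img src="http://example.com/pic.jpg">',
    'object tag'                   => '<object data="movie.swf"></object>',
    'object tag, leading space'    => '< OBJECT data="movie.swf">',
];

// Return the substring that triggered the match, or '-' when nothing matched.
// Seeing the matched text makes it obvious why a filter rule fired.
function explainMatch(string $pattern, string $value): string
{
    return preg_match($pattern, $value, $m) === 1 ? $m[0] : '-';
}

foreach ($samples as $label => $value) {
    echo $label, "\n";
    echo '  original : ', explainMatch(ORIGINAL, $value), "\n";
    echo '  tightened: ', explainMatch(TIGHTENED, $value), "\n";
}

// What to look for in the output:
// - ORIGINAL fires on the first sample because "<[^>]*" may swallow any
//   text after "<", so "Objec" inside "WebObjects" satisfies "objec" + "t*".
// - TIGHTENED allows only whitespace between "<" and "object", so the link
//   and the image pass while both object tags are still caught.
```

Printing the matched substring instead of a yes/no result is a quick way to triage an abuse report like the one in the first post: it shows which part of the submitted value tripped the rule.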
 
All times are GMT - 6 Hours
 