- Upwork Community
- /
- Community Discussions
- /
- Freelancers
- /
- Critical Security issue in Messaging Service
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Critical Security issue in Messaging Service
Oct 7, 2015 04:58:28 AM by Md. Shihab U
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 04:58:28 AM by Md. Shihab U
Please check the link below , I have recorded the screen and uploaded the video in youtube
https://www.youtube.com/watch?v=EoKtyfWgnPA
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:20:57 AM by Md. Shihab U
I dont think so, When we log out the current session and cookies get deleted so that user can't view anything without logging again, but when we are logged out from the site we still can send message and read new message from clients untill we reload the messaging page, I think before sending a message or recieving a message the system should check if the user is logged in or not.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:20:18 AM by Jennifer M
Does the message actually send though? You see it in the window as sent, but that doesnt mean it was actually sent.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:22:08 AM by Md. Shihab U
Didnt you notice I logged in again to check if the message was sent ot not, and the message was sent I checked by relogging in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:27:09 AM by Jennifer M
You see it but is it actually sent? The customer can confirm that.
I've suspected that part of the messaging system issue is the sessions, so people type a message and it never goes through because they're logged out. This would follow along with my theory, but I'm just guessing.
.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:31:56 AM by Md. Shihab U
I am confirming you the message was sent. i have checked it by re-loggin in afterdeleting Browser cache. yesterday My client also replied to my message,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Oct 7, 2015 05:48:44 AM by Md. Shihab U
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content