Re: [Rails] Someone is redirecting my app to a fake page - sometimes

On 8 December 2012 23:00, comopasta Gr <lists@ruby-forum.com> wrote:
> Hi,
>
> I have a site where I have noticed that a couple of times /#login is
> added automatically to the end of the url by someone/something.

What do you mean when you say it is added automatically to the end of
the url? Where do you see it appear? Is it when you click a link in
your app (in which case check the url in the source of the page
containing the link) or does it just appear in the url bar of your
browser as you are typing something, in which case it is just that at
some point you have tried to visit that page and it is the type-ahead
in the browser entering it.

> That
> displays a site called "Quizboard" and asks for a username and password
> inside our page. The first part of the url is the domain of my app.
>
> That has happened at least 2 times and it is intermittent, normally it
> ends up in the real application.

What *exactly* has happened at least 2 times?

>
> The app is hosted at Heroku and uses CloudFlare to get the SSL
> protection.
>
> I have verified that when visiting that url it does not hit the heroku
> app at all.
>
> Anyone has an idea of what's going on? Any recommendations?
>
> I'm currently checking the app with http://brakemanscanner.org/ trying
> to cover any even weak reports by the tool.

Is that relevant to the question?

Colin

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.