amarfurt
commented
7 years ago Refers to version that has been moved.
Closed LukasReschke closed 7 years ago
amarfurt
commented
7 years ago Refers to version that has been moved.
There are some error pages that simply put out text and most of it is user controlled, for example:
https://demo.midata.coop:9000/records/FOO/file
Puts out something like:
So something like https://demo.midata.coop:9000/records/@Please%20contact%20midata.Please%20contact%20support@midata.com%20with%20your%20password/file:
Will put out:
Users are generally considered not to be super tech-savvy and there is a good chance that people might do what an error message is telling them to do. (to make it a bit more fancy it's also possible to URL encode the data so that the URL doesn't leak the text)