Re: [Openpacket-devel] OpenPacket.org RC2
Brought to you by:
crazy_j,
taosecurity
Menu
▾
▴
Re: [Openpacket-devel] OpenPacket.org RC2
|
From: Jeremy S. <st...@pa...> - 2008-02-03 14:24:03
|
Wow, the site's really coming along now. I like the revised design, especially the slick new graphics. I'm fairly worn out right now, but I browsed the site for a bit and took some notes. If I missed something obvious please feel free to point and laugh. Here are a couple of issues I've noticed: - On login failure, the login form is returned with the password field prepopulated along with the username - I tried a password reset for my account twice (before I remembered my password), but never received the email; not sure if it's just my account/email that's borked - On a forum thread page, the link to a user's profile redirects to the viewer's own profile (e.g. /profile/public_profile?userid=username -> /profile/show); should be /profile/public_profile/username instead? - On a forum page, threads don't appear to be sorted in any fashion (latest-post-first is typical) - Users are unable to edit their own forum posts (is this intentional?) - Users are unable to edit/withdraw their own captures (again, intentional?) - Might suggest switching to CSS-based rollovers for the menu images, considering a good percentage of users are likely to have disabled javascript Those notes aside, OpenPacket is really shaping up nicely! Keep up the great work! stretch Richard Bejtlich wrote: > Hello all, > > Thanks to yet more excellent, all-volunteer work by our developer > Sharri Parsell, I am happy to notify you RC2 of OpenPacket.org is now > available at > > http://beta.openpacket.org:8080/ > > Thank you to JJC of www.redsphereglobal.com for continuing to provide > hosting. JJC will host the site until it appears that we are > outgrowing his generosity. If you would like to sponsor us, please > contact me (taosecurity at gmail dot com). > > Please take another look at the site and report feedback to the > ope...@li... mailing list. > > This site is considered RC2 quality. We plan to announce RELEASE on 20 > February to coincide with the first day of Black Hat DC Briefings. > > If you are interested in assessing the security of the site, please > contact me directly. We can coordinate with Sharri and JJC to ensure > your discoveries do not catch us by surprise. We appreciate those of > you who did some XSS testing -- please try again and let us know what > you find. > > Sincerely, > > Richard > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2008. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Openpacket-devel mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openpacket-devel > > |
