Ingredients for all recipes of the world—but no cooking instructions (Lightningtalk)

von Daniel Böhmer (Leipzig.pm)

Ingredients for all recipes of the world—but no cooking instructions richtet sich an Alle und wird in English gehalten.

During unit testing I found a security vulnerability in my project Coocook.org. It allowed retrieving and manipulating the ingredients list of any recipe on Coocook without authentication/authorization. An attacker wouldn’t get the name of recipes or cooking instructions, though. This is a personal war story I experienced in February.

Teilnahmeinteresse:

• Karoly Jely (‎Charlie‎)
• Nicholas Clark
• Tina Müller (‎tinita‎)
• Alexander Sigel (‎raku_punk‎)