lucidiot/itsb
lucidiot
/
itsb
1
1
Fork 0
Code Issues 61 Pull Requests Releases Wiki Activity

GCAA custom feed #30

New Issue
Open
opened 2020-08-05 07:43:50 +00:00 by lucidiot · 1 comment
lucidiot commented 2020-08-05 07:43:50 +00:00
Owner
Copy Link

United Arab Emirates' General Civil Aviation Authority.

Getting the full list of final reports is going to be pretty complex: the amount of data sent by a POST request with all the filters is huge enough to cause issues in my terminal. To see it, open your browser's developer tools, apply the Final report status filter and click Search, then a 100 page size and click Apply. This will trigger two rather slow POST requests with all the fields. I am pretty sure you could do a DDoS attack on this website just by clicking a lot on these buttons…

https://www.gcaa.gov.ae/en/departments/airaccidentinvestigation/pages/investigationreport.aspx

United Arab Emirates' General Civil Aviation Authority. Getting the full list of final reports is going to be pretty complex: the amount of data sent by a POST request with all the filters is huge enough to cause issues in my terminal. To see it, open your browser's developer tools, apply the `Final` report status filter and click Search, then a `100` page size and click `Apply`. This will trigger two rather slow POST requests with all the fields. I am pretty sure you could do a DDoS attack on this website just by clicking a lot on these buttons… https://www.gcaa.gov.ae/en/departments/airaccidentinvestigation/pages/investigationreport.aspx
lucidiot added the
feed
 label 2020-08-05 07:43:50 +00:00
lucidiot commented 2020-08-08 17:59:17 +00:00
Author
Owner
Copy Link

Including the long __EVENTVALIDATION field caused 500 errors to be returned as some strange |-separated text. It seems a piece of JavaScript code splits by | then takes the HTML field and pastes it into the page. It also seems the fields that start with __ are the most important, including __VIEWSTATE which is the worst field of them all.

I might just need to make an initial request just to get the form fields and build the actual POST request…

Including the long `__EVENTVALIDATION` field caused 500 errors to be returned as some strange `|`-separated text. It seems a piece of JavaScript code splits by `|` then takes the HTML field and pastes it into the page. It also seems the fields that start with `__` are the most important, including `__VIEWSTATE` which is the worst field of them all. I might just need to make an initial request just to get the form fields and build the actual POST request…
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
external cause:politics

Politics are impacting a specific feed, and there is nothing ITSB can do about it.

  
external cause:upstream bug

The feed's data source has an issue that the data provider should resolve themselves.

  
feed

An issue related to a specific feed

  
help wanted

External contributors are welcome to help.

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
external cause:politics
external cause:upstream bug
feed
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: lucidiot/itsb#30
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?