User talk:MikeMol: Difference between revisions
→cloudflare issue: time range, severity, scope
(→cloudflare issue: time range, severity, scope) |
|||
Line 51:
did rosettacode use any of these features? if not then it should actually not be affected at all. [[User:EMBee|eMBee]] ([[User talk:EMBee|talk]]) 04:26, 25 February 2017 (UTC)
: Good point; I should only need to expire passwords for accounts touched during the affected period. However, understand that RC didn't need to have those features enabled to be affected; those features resulted in the client being sent data that was resident in memory on Cloudflare's systems, they didn't have control over whether data would be in that memory in the first place; if someone logged into RC, their credentials would be in memory for a time. Then someone else makes a request from some other site with those features enabled, and they would get some chunk of Cloudflare's server's memory sent to them. This is a very, very common misunderstanding from people who've only read Cloudflare's blog post on the subject, and Cloudflare has unfortunately downplayed the severity and scope of the issue. --[[User:Short Circuit|Michael Mol]] ([[User talk:Short Circuit|talk]]) 04:33, 25 February 2017 (UTC)
==Is file uploading blocked forever?==
| |||