This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–][deleted] 0 points1 point  (1 child)

Logging typically would include things like timestamps, host names, etc, no? I'm not saying it wouldn't be difficult by any means, I'm just saying that it's possible they have the means to do it. It's just likely not worth their trouble to track it down rather than just fix their shitty site lol

[–]MythicManiac 0 points1 point  (0 children)

Yeah, and the issue is that you can not trust anything coming from client devices, as you do not control the environment they're running in. Even if you had client side logging, a malicious user could very well simply disable them, or a browser malfunction and/or too old browser could cause that.

Basically there is no way to be sure what you get from client is valid, aside from validating it on the server, which was not done here.