Change
Permit distinction between poking and initial requests
Issue description
When a store denies all requests to the unauthenticated user, it is currently not possible to distinguish between poking requests sent by a hacker with bad intent and the initial requests of valid users with good intent. After the challenge is sent, there is no check performed whether the URI 404s or not.
|
Work sessions
Start |
2018-06-15T06:42:28
|
End |
2018-06-15T08:46:35
|
Participant |
Robert Cerny
|
|
We are sorry
This page cannot be displayed in your browser. Use Firefox, Opera, Safari, or Chrome instead.