当前位置:WooYun(白帽子技术社区) >> Web服务器 >> 一款12306辅助购票插件,使得github的服务受到影响
见github运维给12306_ticket_helper(一款用于辅助在12306.CN上购票的Chrome&Firefox脚本)的issue:https://github.com/iccfish/12306_ticket_helper/issues/16jnewland opened this issue 6 hours ago
raw.github.com embeds disabled
No milestone
No one is assigned
Hi, I'm @jnewland, a member of GitHub's Ops Team.
We've detected that https://dynamic.12306.cn/otsweb/ is embedding several javascript files from this repo, causing a negative impact on our service. We've disabled hotlinking to resources from this repo via the raw.github.com domain for the time being.
I've contacted [email protected] about this, but figured I'd file an issue here too. If you're a developer on 12306.cn, please remove this embed and host this file from your own servers as soon as possible. Thanks!
大意是,github的运维发现来自https://dynamic.12306.cn/otsweb/的页面,内嵌了几个来自12306_ticket_helper项目库的脚本文件,导致github的服务出现负面影响。当前解决方法是暂时屏蔽从raw.github.com访问这几个脚本。
有意思的是,运维以为这个库是12306.cn的开发者,请求尽快删掉内嵌的内容。iccfish commented 5 hours ago
Sorry for this inconvenience, I will remove this script reference immediatly. This script used for check new version from repositiory, from now on this script will be removed, and will never do this agagin after they all update they client scrips.
Very sorry for this.
该脚本作者回应是说,这个脚本本意是用于提醒升级的,现在已经移除。
后面还有数个运维请求和应急调整情况,以及作者对这个问题的解释:在设计上,若脚本载入失败(http 40x)后,会5秒重试一次,结果惹祸。
具体见issue。
微博的评论是“看来以后要ddos什么网站,做个12306的插件就行了。”(http://weibo.com/1686211971/zeAYQhQTn)
有预感各种云会成为潜在灾区...
添加新回复
其它内容
- 暂无