Bug: Userfly POSTs data
It seems that Userfly makes POST requests to the destination server. This seems to be a HUGE bug since Userfly is modifying server-side data.
For example, after watching this capture: http://userfly.com/captures/632647, I found that the form content submitted in screen 11 had actually been submitted to MY profile on the site. My name, description, etc. had been changed to Nikki's. This must have occurred because I hadn't logged out of the site before playing the capture.
I've confirmed this bug by replaying the video while watching my server logs. Notice lines 1 and 12 are POST requests: http://dpaste.com/44164/
Userfly should never post data to the destination site. Since Divvyshot (and many other sites) accept anonymous POST submissions, there's no way for me to work around this bug unless I block the Divvyshot site while watching Userfly captures.
Great catch. We will patch this ASAP.
1 comment
Brian Cray commented:
This is a disaster of a bug. Userfly posted two comments to my blog when I watched sessions wherein users posted comments. Luckily one of the commenters noticed that their comments were reposted by me (I had a browser session running for my blog during the Userfly replays).