Wiki

Case Status Kiln
Register Log In

Wiki

 
Common Plugin Errors
  • RSS Feed

Last modified on 8/19/2009 4:26 PM by User.

Tags:

Common Plugin Errors

This page is a list of common plugin errors, including those that we check when approving a plugin for FogBugz On-Demand.

XSS

For anything that's displayed on the page, enter "<script>alert("XSS");</script>".  If the alert pops up, there's an XSS vulnerability.

If any FogBugz entities are displayed (user names, bug titles, etc), make sure to try the above in all exposed fields.

Permissions Errors

Hit all accessible plugin pages as an Administrator, a Normal user, a Community user, and a Public (not logged-in) user.

Grid Column / Filter Errors

If the plugin includes any grid columns, try sorting by the column in both directions.

Also, search within a filter that includes the plugin columns / filter modifications for "editedby:me".  This will crash if the plugin does not obey the fIncludeSelect parameter correctly.