Steve (steve) wrote in lj_dev,
Steve
steve
lj_dev

Underscores in user names and security

There seems to be a security problem when using user names with underscores. When I visit lj_abuse.livejournal.com no journal entries are displayed. However, visiting lj-abuse.livejournal.com or www.livejournal.com/users/lj_abuse I see all my protected entries just like they are supposed to be (I'm logged in). I should be able to see them when using lj_abuse.livejournal.com, right? I believe this means there's some type of bug that affects the translation of usernames from "_" to "-" or vice versa.
Subscribe

  • cl-journal livejournal client

    Hey everyone, I'd like to present a livejournal client that I wrote to fulfill my needs but maybe there are other people that can find it…

  • SessionGenerate and ljloggedin

    Are there any information after release 86 and changes in cookies scheme to use sessiongenerate? It returns ljsession key, but this key is not enough…

  • Retrieving comments

    Hi, Is there a way to retrieve a list of comments made by user XXX (which may or may be not the currently logged in user) in the journals of users…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 12 comments

  • cl-journal livejournal client

    Hey everyone, I'd like to present a livejournal client that I wrote to fulfill my needs but maybe there are other people that can find it…

  • SessionGenerate and ljloggedin

    Are there any information after release 86 and changes in cookies scheme to use sessiongenerate? It returns ljsession key, but this key is not enough…

  • Retrieving comments

    Hi, Is there a way to retrieve a list of comments made by user XXX (which may or may be not the currently logged in user) in the journals of users…