I4:FeatureTest-Selector DOS Avoidance

From OSIS Open Source Identity Systems
Revision as of 00:24, 15 June 2008 by Mike.Jones (Talk | contribs) (Browser DOS Avoidance -> Identity Selector DOS Avoidance)

Jump to: navigation, search

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FeatureTest-Selector DOS Avoidance}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Identity Selector DOS Avoidance|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=FeatureTest,from={{#var:page}},namespace=I4|copy]]  [[Special:Call/DT Articles list XML,type=FeatureTest,title={{#var:page}},namespace=I4|as XML]]  edit
{{#if:|Feature Test |Feature Test }}   Identity Selector DOS Avoidance
Test Type   bgcolor={{{color}}}}}|Selector Invocation
Identifier   bgcolor={{{color}}}}}|FTR-iis-rptrigger-5  
Description   bgcolor={{{color}}}}}|Tests that it is possible to escape a DOS loop where control is constantly sent to the selector  
Role tested   bgcolor={{{color}}}}}|Information Card Identity Selector  
Known Successful Reference Solution(s)   bgcolor={{{color}}}}}|{{ #if: |
[[I4:]]}}{{ #if: |
[[I4:]]}} {{ #if: https://pamelaproject.com/osis/catalyst-eu-07/form-submission/test3a.php |
https://pamelaproject.com/osis/catalyst-eu-07/form-submission/test3a.php }} {{ #if: |
Success Criteria   bgcolor={{{color}}}}}|Selector is triggered (note that the transaction does not need to complete)  
Failure Criteria   bgcolor={{{color}}}}}|Selector is not triggered  

Features Proven


 |noresultsheader= {|\n|bgcolor=#eeeeee|No matching Feature found.\n|}\n
 |linksto=I4:FeatureTest-Selector DOS Avoidance
 |nottitlematch = Feature.edit
 |includematch=/FeatureTest-Selector DOS Avoidance/s




  1. Note #1: this test is based on JavaSrcript submission - if you fail the Javascript Test, this test will not run for you.
  2. Note #2: this test will loop 20 times - long enough to try things to get out, but not indefinite. If you cannot escape the loop, just keep cancelling/exiting the selector, and control will eventually be restored.
  3. Note #3: The test is merely a form containing an information card object that posts to itself 20 times in a row. If you want to see exact source code, as meager as it is, contact Pam.


  1. Open the result page for the solution for this particular featuretest.
  2. In a different browser tab or window, open the link to the test (listed above)
    1. Selector should immediately open -- if it does, choose to exit, or cancel (if you submit a card, it won't be read)
  3. Every time you exit the selector, you will be redirected back to a page which yet again auto-submits the selector.
  4. In the case of selectors which take control away from the user, there should be some way to disable the selector from starting the next time around, so that the evil looping code can be dealt with.
    1. Set outcome:
    2. If there was a way to pause and/or disable invocation of the Selector in order to terminate the loop, set the outcome to Works
    3. If you cannot get out of the loop, set the outcome to Fails
    4. If you saw specific issues, mark the outcome as "Issues" and outline the issues by commenting on the "Talk" tab of this page
  5. Add either four tilde ~~~~ signs or a text name into the "testedby" parameter
  6. Update the date tested, operating systems, and tested solutions parameters of the results page