I couldn’t believe this when I read it on adrants, but it’s true. So here’s the scenario:
Jason Roe found a little bug on the site Ryanair (a travel site) which makes it seem as though upon checkout, the traveler owes $0.00, obviously a bug. Jason posted about the bug and the kind folks at Ryanair responded with some completely idiotic comments. Take a look at these gems:
Ryanair Staff #1 Says
jason!
you’re an idiot and a liar!! fact is!
you’ve opened one session then another and requested a page meant for a different session, you are so stupid you dont even know how you did it! you dont get a free flight, there is no dynamic data to render which is prob why you got 0.00. what self respecting developer uses a crappy CMS such as word press anyway AND puts they’re mobile ph number online, i suppose even a prank call is better than nothing on a lonely sat evening!!
Ryanair Staff #2 Says:
Hehe – I found a bug that lets me show anything I want on your site.
All I have to do is put something along the lines of javascript:void(document.write(’hehe’)) into the address bar, and I can do whatever I want with your site ( or indeed any other site ).
I’m not sure what you think you’ve achieved here – that wouldn’t have gotten you through to the back end. You wouldn’t even have been able to enter passenger information.
You must never have seen a decent exploit, if you think this is something worth bragging about.
There is another exploit you could try – wait until we’re running a promotion when we give away a million odd seats for free anyway.
Ryanair staff #3 Says:
Website is not perfect, Life is not perfect…
If you would work in your pathetic life on a such big project in a such busy environment with so little resources, you would know that the most important is to have usual user behavior scenarios working rather than spending time on improbable and harmless things.
We very well know about these anomalies and unless it is not critical we are not going to sacrifice time to this.
If you would be a serious programmer you would know these things and would not post any of this on the web if you would think it can cause us troubles, but you would report to us directly.
Even you did not discover anything major you are still trying to benefit from this.
If I would be you I would think of consequences this can have.
If you would be a serious developer you would work out your About page as well. Or is this really about you? What is that bunch of links there? I could give my review of those websites and it would not be positive probably, but really I don’t know if you actually worked on them or what exactly you did and how big influence you had to make changes there. So keep working on yourself and don’t post bollocks.
There are several other back and forths between Jason and Ryanair which you can see on his blog. The point is that this is an absolute disaster for Ryanair. I don’t know who at the company said it was ok to respond to comments in this fashion but they should be fired…now.
what do you think of this madness?
Comments