Permalink
Browse files

removing the hints about registering after the event is closed

  • Loading branch information...
1 parent 34ae535 commit f4cf4ec89aa44cfe5ce3d1d9d78c20d56b16030a @croaky croaky committed Jan 31, 2011
Showing with 2 additions and 16 deletions.
  1. +2 −13 README.md
  2. +0 −2 app/controllers/registrations_controller.rb
  3. +0 −1 app/views/registrations/_closed.html.erb
View
@@ -15,16 +15,5 @@ It is deployed to [Heroku](http://heroku.com).
Registration is now closed as we're flirting with a fire code violation.
-However, the source code contains some hints. Here are some more hints.
-
-We're using [Rails routing conventions](http://guides.rubyonrails.org/routing.html).
-
-Read [Section 9.5](http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.5), the section on POST requests, of the HTTP spec.
-
-You might want to type this from a shell (Terminal.app on a Mac):
-
- man curl
-
-The best way to figure it out is to play with it, hands-on. You can use our [staging site](http://dddd-staging.heroku.com/) to practice before you try it on production.
-
-The tricky part is dealing with [Rails' security countermeasures](http://guides.rubyonrails.org/security.html#csrf-countermeasures) against cross-site forgery.
+After registration closed, we temporarily allowed people to [hack their way into registering](http://bit.ly/curl-rails-authenticity-token)
+using cURL or Web Inspector. That fun loophole is now closed.
@@ -9,8 +9,6 @@ def new
end
end
- # params hash will look like:
- # "registration"=>{"name"=>"Bob", "school_name"=>"Boston College", "role"=>"Developer", "twitter"=>"bobbybc"
def create
# @registration = Registration.new(params[:registration])
@@ -4,5 +4,4 @@
<div id="registration-closed">
<p>Registration is now closed through the web interface. Thank you to everyone who has signed up!</p>
- <p>However... this website is <a href="https://github.com/thoughtbot/dddd">open source</a> and you'll find there's still a way to register through other means. If you can get your name, school, and role into the database, we'd love to have you attend!</p>
</div>

0 comments on commit f4cf4ec

Please sign in to comment.