• Black Mantha (unregistered)

    The last one: Tragically, that's one error your luxurious handler won't help you find.

  • WTFGuy (unregistered)

    Ref Home Depot's coupon: That's an Easter Egg from the HD IT team to us IT folks. We can instantly see it's just a series of 4 digit blocks separated by %20 space characters for readability but ordinary schlubs who work on buildings can't redeem the code. Har har har. Since it's supposedly a 26 character code, there must be a short block someplace. At least they were thoughtful enough to include a horizontal scroll bar so we can maneuver to see the whole code; just clipping the end off would have been mean. Thank you HD IT folks wherever you are; we appreciate the joke. And the free $5.

    As to memegenerator.net's ASP.Net error dump: I notice the dumped urls of the source code are all to F:\Eff\Development\Code\Work...

    So maybe, just maybe, we've got a screenshot a dev took on their dev system while debug dumping was legitimately enabled. Either that or memgenerator.net is running production in dev. Naah, couldn't be ... could it?

  • Brian (unregistered)

    An online code browser for a government (or government-contracted) website, written in PHP? Oh, I bet someone could have lots of fun hunting TDWTF submissions in that.

  • my name is missing (unregistered)

    Showing all your internal information in an exception in production is a sure sign of concrete incompetence.

  • Robin (unregistered)

    Re the last one - I'm not familiar with whichever PHP framework this is (I avoid PHP like the plague it is), but clearly someone has managed to leave "debug mode" (or whatever this framework calls it) turned on in production. Tragically easy to do, especially by those who don't understand the security implications - the real WTF isn't though that someone did it but that there wasn't some sort of process to guard against it.

  • Long Time Lurker (unregistered)

    re: concrete dump

    at least concrete.proxy.password is not revealed.

    .. and is a Vespa a motorcycle?

  • Assan (unregistered) in reply to WTFGuy

    So maybe, just maybe, we've got a screenshot a dev took on their dev system while debug dumping was legitimately enabled. Either that or memgenerator.net is running production in dev. Naah, couldn't be ... could it?

    ASP isn't live-interpreting the .cs files, or is it? This might just be the path from which the .cs files where originally compiled from, but it doesn't have to meant that the server is running in that location.

  • ooOOooGa (unregistered) in reply to Long Time Lurker

    .. and is a Vespa a motorcycle?

    It is a scooter if I recall correctly. So, similar to a motorcycle.

  • TheJayMann (github) in reply to Long Time Lurker

    It depends on the Vespa model, as well as local and state jurisdictions. In my state, for example, looking at a couple of the Vespa models, the Sprint 150 would in fact be classified as a motorcycle, with all of the privileges and responsibilities given to any other motorcycle. Meanwhile, the Sprint 50 would be classified as a Motor Driven Cycle class B.

  • (nodebb) in reply to Robin

    Yep! It's Laravel, and yep, it's in debug mode. I'm allll too familiar with that screen haha.

  • Bill Turner (google) in reply to Robin

    This is a flip on the "I only test in production" - "I only run in development"

  • dusoft (unregistered) in reply to Robin

    It's Laravel and this is the default for DEBUG=TRUE variable in .env file. Unfortunately, this will also show db connection details including password etc.

    I guess they don't have separate dev and live .env files.

  • (nodebb) in reply to Assan

    This might just be the path from which the .cs files where originally compiled from

    This. However, this still means that they probably have no build pipeline and the last person to touch the code built it on their machine and copied it to production.

  • Gary H (unregistered)

    Thanks for reminding me with that callstack that .NET shares the same level of WTF-inducing abstraction insanity as Java.

  • Peter (unregistered)

    Wow, I saw that same memegenerator.net error live. It did happen on April 1st, so it could just have been an elaborate prank, but I cannot be sure.

  • Vusys (unregistered)

    The last one isn't Laravel. The handler is Whoops, and the CMS is concrete5.

  • dusoft (unregistered) in reply to Vusys

    Alright, then it uses the same Symfony stack and debug components so it looks like Laravel.

Leave a comment on “When Words Collide”

Log In or post as a guest

Replying to comment #:

« Return to Article