Skip to content

Fix voting security: block voting before game starts and after game ends#2591

Open
khushal-winner wants to merge 4 commits intoOWASP:masterfrom
khushal-winner:voting-security-fix
Open

Fix voting security: block voting before game starts and after game ends#2591
khushal-winner wants to merge 4 commits intoOWASP:masterfrom
khushal-winner:voting-security-fix

Conversation

@khushal-winner
Copy link
Contributor

@khushal-winner khushal-winner commented Mar 10, 2026

Closes - #2568

  • Pre-game voting blocked - No voting before started_at is set
  • Post-game voting blocked - No voting after finished_at is set
  • Server-side validation - Cannot be bypassed by client manipulation
  • Security logging - Logs unauthorized voting attempts
  • Comprehensive tests - Covers all edge cases

@khushal-winner khushal-winner mentioned this pull request Mar 10, 2026
Closed
3 tasks
@khushal-winner khushal-winner force-pushed the voting-security-fix branch 2 times, most recently from ba99bce to 0b19cd4 Compare March 10, 2026 15:42
@sydseter
Copy link
Collaborator

sydseter commented Mar 12, 2026
edited
Loading

@khushal-winner your code has a build error.

sydseter
sydseter requested changes Mar 12, 2026
View reviewed changes
Copy link
Collaborator

@sydseter sydseter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to fix the build.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sydseter sydseter sydseter requested changes

@rewtd rewtd Awaiting requested review from rewtd rewtd is a code owner

@cw-owasp cw-owasp Awaiting requested review from cw-owasp cw-owasp is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@khushal-winner @sydseter