It Seemed So Clever

Thomas Construction offers a $75 gas cards to people on a direct mail list.  Users can visit a Web site to sign up for the program, and the URL for the site uses the name on the direct mailing as a subdomain instead of as a querystring parameter.

For example, B– here gets his information prepopulated:

B works.
Click for full size

Now, if you go to the www subdomain, you are recognized as a guest:

I am a guest.
Click for full size

Now, you know what the first thing I would check and one thing that nobody else would check at Thomas’s interactive agency, don’t you?

If you use a name it doesn’t recognize as the subdomain, you might’ve successfully Captain Kirked the machine:

 Now, with the machine confused, you can engineer your escape from the planet.
Click for full size

Does that look like an infinite loop to you?  I cannot say because:

  1. Dammit, Jim, I a tester, not a theologian!  I cannot argue the nature of the Infinite!
  2. I was not patient enough to see if it ever came up with something useable; after a couple minutes, it had not.  The browser made the clicking noise, and the blank screen above displayed again and again.

Sure, Quick Testing tips advises you to increment a number in the querystring to see what happens.  Here at QAHY, we say do everything to the querystring and see what happens.  Including the subdomain.

This entry was posted on Friday, April 24th, 2009 at 5:47 am by The Director and is filed under Dirty Tricks, Failed Web sites. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

No Responses to “It Seemed So Clever”

  1. pberry Says:
    April 29th, 2009 at 5:09 am

    I love querystrings. “But a user would never do that!” comes the developer’s retort. But if they can, they will…

  2. The Director Says:
    April 29th, 2009 at 11:05 am

    QA is not about would. QA is about can.