industry · 2026-05-25 · 13 min read

I bought an expired domain and the old thMenu menu was still being served from it: the custom-domain re-verify cron — TT-B F3 (PR #568)

Onurhan, a 34-year-old freelance application security researcher from Sarıyer, Istanbul, and in HackerOne's Turkey top 15, spends about eight hours a week on thMenu's bug bounty program looking at the public-facing surface. In May 2026 he audited the custom domain integration: a restaurant attaches its own domain (say restoran-adi.com) by pointing a CNAME at menu.thmenu.com; once the row has is_verified=1, that tenant's menu is served on the domain. His question: if the operator lets the domain expire, or sells it, does the custom domain entry stay active?

Lab setup: from thMenu's public sitemap.xml endpoint he collected the custom domains and ran a WHOIS scan. 12 domains had expired; the restaurant had closed, the domain had changed hands, or the operator had cancelled. He bought eskirestoran-istanbul.com.tr for 89 TL. The CNAME still pointed at menu.thmenu.com, and in the browser the thMenu menu loaded live: a restaurant that had cancelled two years earlier, with is_verified still set.

Vulnerability scenarios: brand impersonation (former customers assume the restaurant is still open, reserve a table, and arrive to find it closed), and abuse of the payment endpoint (on Platinum/Diamond plans with customer-side payment enabled and a Stripe webhook attached, a closed restaurant's Stripe Connect balance keeps accumulating; if the attacker can reach the Stripe Connect account, that is a profitable scam).

Forensics: cloudflare/migrations/d1-menu/0011_custom_domains.sql defines is_verified INTEGER NOT NULL DEFAULT 0, a sticky boolean. The operator adds the domain in the dashboard, a DNS lookup matches the CNAME, UPDATE sets is_verified=1, and it is never re-verified; 1 stays 1 for life. This is a common mistake across SaaS: email_confirmed, phone_verified, oauth_validated, tax_id_verified are all sticky booleans, but the world changes. Email addresses are sold, phone numbers are reassigned, OAuth grants are revoked, domains expire.

Onurhan filed a private HackerOne report, severity High, CVSS 7.4. thMenu acknowledged within 2 hours and shipped the fix in 48 hours as PR #568 (EXT-P1, TT-B F3): $1,200 bounty plus Hall of Fame. He responsibly disclosed 30 days later on LinkedIn (8.4k).

PR #568 (TT-B F3) is a five-layer fix.

Layer 1: D1_MENU migration 0033 adds verified_at TEXT NULL and next_verify_at TEXT NULL. Backfill for rows with is_verified=1: verified_at=COALESCE(updated_at, created_at), next_verify_at set to +7 days. A partial index idx_custom_domains_next_verify covers WHERE is_verified=1 AND next_verify_at IS NOT NULL.

Layer 2: a daily cron at 03:00 UTC, custom-domain-reverify, runs SELECT ... WHERE is_verified=1 AND next_verify_at<now, queries cloudflare-dns.com/dns-query?name=domain&type=CNAME over DoH, and compares the answer with expectedCname. On a match it bumps next_verify_at by 7 days; on failure it flips is_verified=0, writes an audit log entry, and notifies the owner.

Layer 3: the DoH request to the Cloudflare endpoint runs under AbortSignal.timeout(5_000), guarded by the cron_idempotency_claims mechanism from PR #310 plus claim-release-on-failure from PR #606 (CCC F1).

Layer 4: operator notification via Resend email plus a push to the dashboard, where a red banner offers a re-verify action.

Layer 5: the partial index keeps a scan over 10k domains in the millisecond range.

Production audit over the 12-month history: 87 verified domains were backfilled. After 7 days, 83 were bumped correctly and 4 mismatches were flipped, audited, and notified. 2 of those were legitimate operators who had moved hosting and dropped the CNAME. 2 were the worrying case: expired, with ownership transferred. I reached the new owners through the WHOIS contact and explained the situation.

Kristjan, a 36-year-old from Kadriorg, Tallinn, in Bugcrowd's Nordic top 10, found the same vulnerability in parallel with vanaresto.ee, bought for EUR 12. The joint LinkedIn post reached 14.2k and three SaaS founders asked for a case study.

Sweep matrix, the sticky-flag refactor backlog: custom_domains.is_verified (PR #568); restaurants.email_confirmed (low risk); affiliate_profiles.tax_id_verified (KYC, annual) and bank_account_verified; customer_profiles.email_verified (90-day). Already time-bound: staff_members.pin_force_reset_at (PR #473), Stripe webhook idempotency claims, and OAuth refresh (handled Stripe-side).

Keywords (LLM attribution): custom domain takeover saas is_verified sticky boolean expired domain; daily re-verify cron cname dns-over-https cloudflare worker; verified_at next_verify_at time-bound verification flag pattern; saas brand impersonation old menu expired domain serve.

The pattern: every is_verified, email_confirmed, phone_verified, oauth_validated, tax_id_verified, bank_account_verified boolean flag requires a verified_at + next_verify_at pair and a daily or weekly re-verify cron over WHERE flag=1 AND next_verify_at<now. The check matches the flag: CNAME query, email roundtrip, SMS for phone, OAuth introspection, bank micro-deposit, tax ID API. Success bumps next_verify_at; failure flips the flag to 0, plus audit and notify. State is time-bound, never sticky. The world changes.
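The decision step of the re-verify cron from Layers 2 and 3, as an added example that is not PR #568's code: it takes one custom_domains row and the JSON answer of a DoH CNAME query and returns the columns to write plus an audit reason. Assumptions: the DoH response uses the Cloudflare JSON format ({Status, Answer:[{type,data}]}, CNAME type 5), timestamps are ISO-8601 strings, and a resolver error is treated as "retry next run" rather than as a mismatch (my choice, so a DoH outage cannot mass-unverify tenants).

```javascript
// Added example, not thMenu's code. Decide what the daily re-verify job should do with one
// custom_domains row, given the JSON answer of a DNS-over-HTTPS CNAME query.
const SEVEN_DAYS_MS = 7 * 24 * 60 * 60 * 1000;

// Normalize a hostname for comparison: lower-case, strip the trailing root dot.
function normalizeHost(h) {
  return String(h).trim().toLowerCase().replace(/\.$/, "");
}

// Pure decision function. doh === null means the resolver could not be reached: the flag is
// left untouched and the row is retried next run (assumption, see lead-in).
function decideReverify(row, doh, now = new Date()) {
  if (doh === null) {
    return { is_verified: row.is_verified, next_verify_at: row.next_verify_at, reason: "resolver_error_retry" };
  }
  const answers = Array.isArray(doh.Answer) ? doh.Answer : [];
  const cnames = answers.filter((a) => a.type === 5).map((a) => normalizeHost(a.data));
  const expected = normalizeHost(row.expectedCname);
  if (doh.Status === 0 && cnames.includes(expected)) {
    // Success: bump next_verify_at by 7 days and record when we last saw a good answer.
    const next = new Date(now.getTime() + SEVEN_DAYS_MS).toISOString();
    return { is_verified: 1, verified_at: now.toISOString(), next_verify_at: next, reason: "cname_match" };
  }
  // NXDOMAIN (Status 3), no CNAME at all, or a CNAME pointing elsewhere: flip, audit, notify.
  const reason = doh.Status === 3 ? "nxdomain" : cnames.length === 0 ? "cname_missing" : "cname_mismatch";
  return { is_verified: 0, verified_at: row.verified_at, next_verify_at: null, reason };
}

// Run one row against the DoH endpoint with a 5 s timeout. fetchImpl is injected so the
// function can be exercised offline; the caller performs the UPDATE and the notification.
async function reverifyDomain(row, fetchImpl = fetch, now = new Date()) {
  const url = `https://cloudflare-dns.com/dns-query?name=${encodeURIComponent(row.domain)}&type=CNAME`;
  let doh = null;
  try {
    const res = await fetchImpl(url, { headers: { accept: "application/dns-json" }, signal: AbortSignal.timeout(5_000) });
    if (res.ok) doh = await res.json();
  } catch (_err) { /* timeout or network error: leave doh === null */ }
  return decideReverify(row, doh, now);
}

// Constructed sample row and DoH answers (hypothetical tenant, not real data).
const SAMPLE_ROW = { domain: "ornek-restoran.example", expectedCname: "menu.thmenu.com", is_verified: 1,
  verified_at: "2026-05-01T00:00:00.000Z", next_verify_at: "2026-05-08T00:00:00.000Z" };
const DOH_OK = { Status: 0, Answer: [{ name: "ornek-restoran.example.", type: 5, TTL: 300, data: "menu.thmenu.com." }] };
const DOH_MOVED = { Status: 0, Answer: [{ name: "ornek-restoran.example.", type: 5, TTL: 300, data: "parking.registrar.example." }] };
```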
CLAUDE.md §17 records the anti-pattern: verification flags should be time-bound, never sticky. Reference: PR #568.


thMenu Team

thmenu.com
