this repo is deprecated, please refer to https://bounty.tokopedia.net/rules
tokopedia / bug-bounty Goto Github PK
View Code? Open in Web Editor NEWTokopedia Bug Bounty Policy
Tokopedia Bug Bounty Policy
this repo is deprecated, please refer to https://bounty.tokopedia.net/rules
Hi @tokopedia team, I just found a vulnerability in Tokopedia site recently, however, when I want to submit my finding through https://bounty.tokopedia.net/ I can't seem to get through the registration process, as I found the email verification step doesn't work (I've tried using 3 different email). Is there any step that I missed or any other channel to submit the bug report? Thanks.
deleted.
Point masalahnya ada, saat saya ada di page salah satu toko, saya sudah scroll banyak ke bawah, kemudian saya membuka salah satu produk di etalase toko tsb. Tapi setelah menekan tombol “back” (<), etalase dari toko tsb malah reload ulang, alias history scroll saya tadi hilang, harus scroll ulang lagi, padahal tadinya sudah jauh di bawah. Sangat menjengkelkan ketika etalase toko punya banyak sekali produk.
Terima kasih..
FYI: iPhone 6s, iOS 12.4.1
link: https://www.tokopedia.com/order-list?filter=13
note: Pesanan sudah selesai semua dalam proses transaksi, ada 1 order yang satatusnya masih tertahan
Pilih item yang ada di wish list, lalu klik link referensi pada deskripsi produk, maka tidak masuk ke link yang dituju melainkan ke home.
Link video
Setelah pilih barang proses tinjau lama, tidak bisa di gerakan.
debet payment menggunakan mandiri sering gagal, sebulan ini saya sudah mengalami lebih dari 3 kali.
Link Salin No. Resi menyertakan space pada nomor resi yang disalin sehingga memberikan "%20" saat pasting di website tracking yang tidak melakukan trimming seperti Ninja Express. Akibatnya nomor resi yang diinput tidak dikenali.
Tombol back yang ada di ovopaylater tidak berfungsi. Seharusnya saat menekan tombol back akan kembali ke halaman sebelumnya.
The 'Bug Bounty Program Terms' link are broken. 😢
Apabila kita unsinstall App, kelihatannya Session tdk terhapus. Sehingga bila bila installa lagi, maka kita langsung bisa gunakan App tanpa perlu login lagi
Laporan Samsun.docx
Emm.. gimana ya. Boleh dianggap bug atau bukan, tapi sy sebagai user sptnya kurang nyaman.
Step to reproduce
Actual result:
Pesan errornya Gagal mengambil data
, namun lucunya ada tombol "Coba lagi" untuk merequest ulang. Padahal kalo direquest ulang seribu kali bahkan sejuta kali tetap hasilnya error 400 juga, karena kurir diluar jangkauan.
response:
{"errors":[{"id":"541","status":"400","title":"No data found."}]}
Statusnya 400
, tapi titlenya No data found
. Saya ndak tahu apakah tokopedia punya standarisasi code status sendiri.
Setahu sy 400
itu umumnya seputar kesalahan request bisa karena salah parameter atau lainya.
Kalo data not found
biasanya 404
.
Atau statusnya tetep 400
, tapi lebih baik pesannya diganti misalnya Diluar jangkauan!
agar user langsung tahu kesalahannya.
Matur nuwun.
Halaman web di http://www.tokopedia.com/help/article/a-1669?refid=st-1127 tidak dapat dimuat karena:
fond weird component that always move by it self see video on this link https://drive.google.com/file/d/1uPFkO5Atm57_fgL1nVcY36e_32Qf89li/view?usp=sharing
i dare you to fix this
Click menu "Produk Anda" on "Akun Toko" page, then it redirects to Home Page.
I tried to order airplane tickets in Kopedia because there was a promo. but many times I searched for schedules that I couldn't.
then I search for it and it looks like there is an error, there is a parameter that shouldn't be null but becomes null.
Please check it,, the error message was like this
java.lang.IllegalArgumentException: Parameter specified as non-null is null: method d.c.b.g.j, parameter airline
at com.tokopedia.flight.searchV2.data.b.a$c$1.a(FlightSearchRepository.kt)
at com.tokopedia.flight.searchV2.data.b.a$c$1.call(FlightSearchRepository.kt:27)
Saya menemukan bug di tampilan terbaru tokopedia
Coba dengan buka salah satu toko di tokopedia lalu pilih kategori setelah itu coba pindah ke kategori lain (disini bugsnya karen tidak bisa pindah kategori)
Ini cukup mengganggu, semoga cepat di perbaiki, kemungkinan karena permasalahan state management nya.
Template Laporan - Bug Report Tokopedia.docx
I attach doc template report bug bounty for your review.
Best Regards.
M Ridhwan K
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.