Tickets -- multiple browser tab warning?

[eFestivals]

But I won't have anything to try on if she's using it.

ahhh ... I was presuming you'd at least have a 'puter each.

I'm surrounded by the bleeding things every way i turn, so i tend to forget that not everyone is.

[HoTWire]

I've had fairly limited experience of using server sessions, but unless i'm misunderstanding something (and it wouldn't be the first time ) a proper queuing system is a breeze to set-up, and I can't see how an ajax driven system would be open to abuse*.

(* nothing more than the sort of standard security holes that get found in software from time to time).

[smudger]

So.....we're all still agreed multipliable windows but with just the one tab?

just one question, if the tabs are the same session then why in previous years have I had one tab go through and the rest still not loading? Wouldn't it be if one gets through they'd all follow suit? I've usually had four windows open in the past, all with about 20 tabs and have found they get through randomly. Same goes for each stage of the booking process so on some windows I'd have tabs with a 'server busy' message, some with the see holding page, some with the reference numbers and some with the credit card page.

Also is there a consensus on whether multipliable windows with one browser is the same as multipliable different browsers, chrome, firefox etc

Ok that's two questions.....

[phillyfaddle]

Latest advice from @GlastoFest on Twitter tonight:

1) There is no queue system

2) So if you get the auto refresh page, press F5

3) Use just one tab. Multiple tabs confuse the system

They didn't answer my specific question, but I followed answers to others Q's.

Hope that's useful (and accurate!)

[angelin]

Oh I will be on a tablet does that less an my chances?

[frostypaw]

Four windows with twenty tabs each? Jaysus Christ.... No wonder their systems can't cope that's 80 requests for one person trying

The scary thing is I bet lots of people do this - if that's just 250,000 peeps trying that could easily be 10 million or more requests....

The trick is not just to try and cheat but to try and cheat hardest

[topmarksbri]

Does anyone have experience using a Tor browser for tickets and whether that increases/decreases chances?

[eFestivals]

Queuing systems at a basic level are pretty easy, give a session ID a position in the queue, move it up until it is at head of queue, direct to relevant page. Jobs a goodun. However you'd probably want some kind of progress notification which you can do with Ajax stuff. Which is the point at which you've opened a hole into your system that someone suitably smart could exploit in some way . Depending on how much info you put in the cookie and how your js application is structured (because it is all client side it is all available) it could be possible to do nefarious things. So yeah,.. not a hard problem per se... but one it takes time to do well! .... of course you could skip that and do an auto page refresh to update progress, seeing as the session ID will be constant, which means you can leave everything server side.

Eh? What do you need a cookie for? .... the whole point of server sessions is that no cookie is required.

As far as I'm aware the only thing open to manipulation is the session ID - which doesn't do you any good to play with it, as all you could achieve by doing so would be to lose your place in the queue.

edit: the problem with using sessions for the likes of See is that there's too much traffic for one server to cope with, which does get to mean that sessions without also using cookies wouldn't work (because sessions are server specific).

So in the real world, See would need to use a cookie to store the session ID so that it worked across a multi-server system... but that still doesn't open up any vulnerabilities as long as the queuing system on the server is well constructed (such as by relating each session ID to an IP address).

Edited September 27, 2013 by eFestivals

[eFestivals]

just one question, if the tabs are the same session then why in previous years have I had one tab go through and the rest still not loading? Wouldn't it be if one gets through they'd all follow suit?

It was defo the case last year (and I think the time before, tho that might be wrong) when using (at that time) the latest version of Firefox that when one tab got the 'buy' page all of the other tabs did too.

It's possible I guess that different browsers and/or different (older) versions of a browser might not have had multiple tabs sharing the same session - so that might be why youi experienced what you did.

[5co77ie]

i see they were testing the system with on sale tickets at 9am -

at 9am I clicked the link (which was on) the top news story on eFestivals my browser went straight into a queue for 12 minutes - before letting me see the page - a bit worrying

Yet there was no delay by going to see tickets front page, searching for Blackpool Rocks and then getting the booking screen from another PC I had handy.

(BTW: I've changed the link from See Tickets to Ticketline as the See Tickets system isn't working when trying to book them and keeps erroring.

Edited September 27, 2013 by 5co77ie

[phillyfaddle]

..if the tabs are the same session then why in previous years have I had one tab go through and the rest still not loading?

[Pinhead]

"So in the real world, See would need to use a cookie to store the session ID so that it worked across a multi-server system... but that still doesn't open up any vulnerabilities as long as the queuing system on the server is well constructed (such as by relating each session ID to an IP address)."

So it goes without saying that if you have turned off cookies for security reasons on your browser, you might want to consider turning them back on again for the duration of the ticket sale on the day.

[prue]

I've tried gathering wisdom from this thread and got to about half-way down the second page by which time my brain was going in such tight circles I needed a lie down.

Would any kind person be able to distil the techy tips into a few bullet points for the techily-challenged amongst us?

[whateverman]

I've tried gathering wisdom from this thread and got to about half-way down the second page by which time my brain was going in such tight circles I needed a lie down.

Would any kind person be able to distil the techy tips into a few bullet points for the techily-challenged amongst us?

[jeffie]

i see they were testing the system with on sale tickets at 9am -

at 9am I clicked the link (which was on) the top news story on eFestivals my browser went straight into a queue for 12 minutes - before letting me see the page - a bit worrying

Yet there was no delay by going to see tickets front page, searching for Blackpool Rocks and then getting the booking screen from another PC I had handy.

(BTW: I've changed the link from See Tickets to Ticketline as the See Tickets system isn't working when trying to book them and keeps erroring.

[dan05delaney]

i see they were testing the system with on sale tickets at 9am -

at 9am I clicked the link (which was on) the top news story on eFestivals my browser went straight into a queue for 12 minutes - before letting me see the page - a bit worrying

Yet there was no delay by going to see tickets front page, searching for Blackpool Rocks and then getting the booking screen from another PC I had handy.

(BTW: I've changed the link from See Tickets to Ticketline as the See Tickets system isn't working when trying to book them and keeps erroring.

[gaz2theb]

It was mentioned to twitter last night that there will be NO queuing system ^^

[dan05delaney]

It was mentioned to twitter last night that there will be NO queuing system ^^

[Joeskeppi]

Edit: This isn't worth the hassle.

Edited September 27, 2013 by Joeskeppi

[Joeskeppi]

 

So it goes without saying that if you have turned off cookies for security reasons on your browser, you might want to consider turning them back on again for the duration of the ticket sale on the day.

Edited September 27, 2013 by Joeskeppi

[Joeskeppi]

 

So.....we're all still agreed multipliable windows but with just the one tab?

just one question, if the tabs are the same session then why in previous years have I had one tab go through and the rest still not loading?

Edited September 27, 2013 by Joeskeppi

[5co77ie]

It was mentioned to twitter last night that there will be NO queuing system ^^

Edited September 27, 2013 by 5co77ie

[parsonjack]

Do we know what the ticket site address is likely to be this year? Apologies if that is a stupid question.

[jeffie]

I'd have a punt on the first ticket choice screen being http://glastonbury.seetickets.com/Tour/Glastonbury-2014

The page exists on See's system, but at present everything pointed at glastonbury.seetickets.com appears to be re-directed to the registration page.

To be honest though going direct to this page will save you very little - a single DNS lookup and re-direct - but in this game any saving of a microsecond here and there is at least a pyschological bonus.

[5co77ie]

I'd have a punt on the first ticket choice screen being http://glastonbury.seetickets.com/Tour/Glastonbury-2014

The page exists on See's system, but at present everything pointed at glastonbury.seetickets.com appears to be re-directed to the registration page.

To be honest though going direct to this page will save you very little - a single DNS lookup and re-direct - but in this game any saving of a microsecond here and there is at least a pyschological bonus.