Illia wrote:
We did pretty extensive testing on a development environment, which because of it's isolation - doesn't allow us to test everything. The login problem was a result of login cookies with a + in them which was getting decoded to a " ". The ' problem was an issue of double encoding not allowing otherwise safe html through.
We strive for a clean professional presentation, but we're not your bank - you will see errors exposed. Which is probably good news, since we hope to survive the financial crisis, but all bets are off regarding your bank...
I know I can be a little overly critical at times, but how often do you refresh that environment with production data? Before a major patch you should think about creating a validation environment from production, patching validation and testing that instead of going straight from development to production.
Yes, I know, overhead, costs, etc. etc... but they're just suggestions for improvement that could probably prevent a lot of the panic and issues that we saw today.