From e49dfd5bb4eda616f6f230f7d371a76477d383cb Mon Sep 17 00:00:00 2001
From: Henry Jenkins <henry@henryjenkins.name>
Date: Thu, 18 Feb 2016 22:01:37 -0500
Subject: [PATCH] Added DOS vulnerability

Added a sleep to the show messages page to show how using slow blocking
methods can allow DOS to occur.
---
 app/controllers/messages_controller.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index e657297..90e5a51 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -3,6 +3,8 @@ class MessagesController < ApplicationController
   def index
     @messages = current_user.messages
     @message = Message.new
+    # Blocking code can cause DOS
+    sleep(3)
   end
 
   def show