News | Forum | People | FAQ | Links | Search | Register | Log in
Site Help
Posted by metlslime on 2002/12/23 18:26:17
This is the forum to ask questions about this website, report things that are broken, request features, etc.

Be sure to check out the FAQ as well.
First | Previous | Next | Last
I AM A FAGGOT! 
#1296 posted by anonymous user on 2009/06/24 00:01:15
HUMP MY RUMP! 
I AM A FAGGOT! 
#1297 posted by anonymous user on 2009/06/24 00:01:33
HUMP MY RUMP! 
Well... 
#1298 posted by metlslime on 2009/06/24 00:03:04
I think all issues can be addressed.

First, the misleading URL demonstrated by spirit can be mitigated by making raw URLs look different that anchor tags, using color or other formatting.

Second, the http-based XSS attack spirit showed can be fixed by making the logout button require POST instead of GET.

Third, the javascript-based XSS attacks as demonstrated by czg can be prevented by being stricter about the URL (i.e. requiring http:/ftp: at the beginning) 
I AM A FAGGOT! 
#1299 posted by RickyT33 on 2009/06/24 00:03:24
HUMP MY RUMP! 
Rofl 
#1300 posted by RickyT33 on 2009/06/24 00:04:03
its not true!!! 
Also... 
#1301 posted by metlslime on 2009/06/24 00:04:34
i might consider allowing anchor tags only in discussion/news threads, and not in posts. This means our news can look nicer, and anything malicious is easily moderated (since threads are few compared to posts.) 
Lol, Great Link 
#1302 posted by negke on 2009/06/24 00:08:56
Ricky: "sweet deadly white stick" up your rump 
I AM A FAGGOT! 
#1303 posted by oh, that person on 2009/06/24 00:18:17
HUMP MY RUMP! 
 
#1304 posted by oh, that person on 2009/06/24 00:18:39
oh god I am a gullible idiot. 
I AM A FAGGOT! 
#1305 posted by CETME on 2009/06/24 00:25:18
HUMP MY RUMP! 
I AM A FAGGOT! 
#1306 posted by Orl on 2009/06/24 01:09:18
HUMP MY RUMP! 
Comedy Gold 
#1307 posted by DaZ on 2009/06/24 02:51:42
 
:) 
#1308 posted by mwh on 2009/06/24 05:16:14
Input validation is a thicket of all sorts of horrors. 
I AM A FAGGOT! 
#1309 posted by JPL on 2009/06/24 07:50:49
HUMP MY RUMP! 
Oh No... 
#1310 posted by JPL on 2009/06/24 07:52:05
Damn, what is this shit !!?? czg: you are the most stupid of us, you damn bastard ! I hate you ! 
I AM A FAGGOT! 
#1311 posted by Spirit on 2009/06/24 08:01:31
HUMP MY RUMP! 
I AM A FAGGOT! 
#1312 posted by Spirit on 2009/06/24 08:01:35
HUMP MY RUMP! 
I AM A FAGGOT! 
#1313 posted by Spirit on 2009/06/24 08:01:40
HUMP MY RUMP! 
I AM A FAGGOT! 
#1314 posted by Spirit on 2009/06/24 08:01:42
HUMP MY RUMP! 
 
#1315 posted by Spirit on 2009/06/24 08:02:23
"Hey, nothing happened"
"Hm, still nothing"
"ooooooooooooooooh" 
Czg 
#1316 posted by JPL on 2009/06/24 08:03:43
Forgot what I said, Spirit is the winner of this stupidity context without any doubts :P 
This Exploit Is Hilarous... 
#1317 posted by metlslime on 2009/06/24 09:16:40
but it is now fixed. Anchor tag URLs must start with the ftp, http, or https scheme in order to be converted to clickable links. 
Huzzah For Metlslime !! 
#1318 posted by JPL on 2009/06/24 09:31:00
 
And.... 
#1319 posted by metlslime on 2009/06/24 09:36:55
as a trial, i made it so user-created anchor tags are embedded in square brackets, so that they can be distinguished from raw URLs. We'll see how it feels. Example:

http://www.google.com/ -- raw URL
http://www.goatse.cx/ -- anchor tag 
 
#1320 posted by anonymous user on 2009/06/30 18:24:45
more mapping less cady garden bitches!!! 
First | Previous | Next | Last
You must be logged in to post in this thread.
Website copyright © 2002-2024 John Fitzgibbons. All posts are copyright their respective authors.