Comments (9)
LandonPowell
commented on July 17, 2024
2
@bui
I only terrorize cute twinks. ;^))))))
from infinity.
commented on July 17, 2024
1
i agree
from infinity.
bui
commented on July 17, 2024
1
are you a terrorist
from infinity.
ctrlcctrlv
commented on July 17, 2024
cc: @czaks
Hello,
8chan is no longer an open source project in the sense that it was up to April 2016 when I retired. I made a board to see what you are talking about and it is using a route that I don't recognize, edit_board_rules. If I had to make a conservative estimate, I would guess that 8ch.net is over one hundred commits ahead of this repository, perhaps more. Very few commits have been ported from the 8ch.net closed source version to this repository, the only ones are in the public-site branch.
When I made the static pages feature, I imported the rules page as a static page and then disabled the edit rules route. ?/edit_board_rules is not my code, and I don't know what it does, but based on the link you shared it just uses simple concatenation...
This commit enabled "Edit pages": 12fa8ec#diff-4eb9dfb2a18c93c1c47d74c033513d64L668
In pre March 2015 versions of the source code, new rules could be POST'd directly to ?/settings/board.
So, no repositories based on the open source code are affected, and I am closing this bug.
from infinity.
ctrlcctrlv
commented on July 17, 2024
@Getindor Sorry, there's literally nothing I can do, but at least the open source code is not vulnerable.
from infinity.
LandonPowell
commented on July 17, 2024
@ctrlcctrlv
Man, that sucks. Do you have contact info for the guys currently in charge of infinitesimal-chan's codebase? Feel free to email it to me so the nutjobs on github don't use it to troll: [email protected]
from infinity.
CantStumpTheTrump
commented on July 17, 2024
@ctrlcctrlv It's all your fault, cuck.
from infinity.
ctrlcctrlv
commented on July 17, 2024
@LandonPowell I showed them this bug report and they seem to have disabled the ?/edit_board_rules mod.php route, but they didn't clean up the XSS you wrote out to /islamicstate/rules.html for some reason. I also did ask why they made the route in the first place and did not get a response.
So, at least this specific issue seems fixed, but how many other bugs there might be in the closed source code is anyone else's guess given how naive the implementation of this rules page was...
from infinity.
CantStumpTheTrump
commented on July 17, 2024
@ctrlcctrlv U fucked everything up
from infinity.
Related Issues (20)
- [Bug] Illegal mix of collations (ascii_general_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for operation '=' HOT 1
- dnsbls_bypass retry addres for Tor
- Add evercookie HOT 1
- Thread watcher shows new posts
- Automatic thread/board cleaner
- Why the link in the watchlist it null
- 24h captcha bug
- CSS to enable EXIF rotation HOT 1
- infinity open source project HOT 2
- Quick reply and Options are broken. HOT 1
- Suggestion: Make filter regex be case sensitive
- 8chan X Image Hover Doesn't Work HOT 1
- New captcha system bug
- New Captcha returns improperly formatted Json in reply
- Random redirection to banner/ad/thumb URLs HOT 4
- Open source when? HOT 1
- API: File objects need thumbnail file extension exposed
- Captcha does not load HOT 1
- Catalog miniature for .webm is broken HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from infinity.