
airdrop-interface's People

Contributors

boyangwang, kadmm004, linchengzzz, shallowgreen, yusixian

airdrop-interface's Issues

Feat: add memo

add some game meme

  • Valve can't count to 3
  • Stay a while, and listen!
  • AYBABTU
  • It's dangerous to go alone, take this
  • I’ve covered wars, you know.
  • Damedane
  • Hesitation is defeat
  • Winner Winner, Chicken Dinner

[Bug]: ss game count

Contact Details

No response

What happened?

A bug happened!

Version

1.0.3 (Edge)

What browsers are you seeing the problem on?

No response

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct

[Bug]: iOS mobile portal

Contact Details

No response

What happened?

The iOS mobile portal video does not work; Android is fine. It is estimated to be a video format compatibility problem.

Version

1.0.3 (Edge)

What browsers are you seeing the problem on?

No response

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct

PUT, DELETE & OPTIONS Enabled @ https://p12-airdrop-server.p12.games/ && https://api.p12.games/nft/col/get

Contact Details

No response

What happened?

Enabling PUT & DELETE can have big security risks, allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server at a user-supplied URL, while the DELETE method requests that the origin server remove the association between the target resource and its current functionality. Improper use of these methods may lead to a loss of integrity.

The OPTIONS method can expose sensitive information that may help a malicious actor to prepare more advanced attacks.

There can be other factors needed to delete & upload files (depending on the config, like methods being handled by application code and not the web server), but it's still not a good thing to enable these methods. Please disable PUT, DELETE & OPTIONS.

Version

1.0.2 (Default)

What browsers are you seeing the problem on?

Chrome

Relevant log output

Access-Control-Allow-Methods: PUT, GET, POST, OPTIONS,DELETE

Code of Conduct

  • I agree to follow this project's Code of Conduct
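The method restriction requested in this issue, as an added example that is not part of the original report or the project's code: one per-route allowlist decides both the 405 response and the `Access-Control-Allow-Methods` value, and the same list audits a header like the one in the log output. The route path comes from the issue title; the methods assigned to it and all function names are assumptions.

```javascript
// Added example: one allowlist drives the 405 check and the CORS header.
// The path is from the issue title; the methods listed for it are assumed.
const ROUTES = { '/nft/col/get': ['GET', 'POST'] };

// Split a header value such as "PUT, GET, POST, OPTIONS,DELETE" into methods.
function parseMethods(value) {
  return String(value).split(',').map((m) => m.trim()).filter(Boolean);
}

// Methods a response advertises that the route's allowlist does not contain.
function excessMethods(headerValue, path, routes = ROUTES) {
  const allowed = routes[path] || [];
  return parseMethods(headerValue).filter((m) => !allowed.includes(m));
}

// Decide status and headers before any handler runs.
// Status 200 here means "pass the request on to the route handler".
function decide(method, path, routes = ROUTES) {
  const allowed = routes[path];
  if (!allowed) return { status: 404, headers: {} };
  const list = allowed.join(', ');
  if (!allowed.includes(method)) {
    // Rejected methods get 405 plus an Allow header and no CORS grant.
    return { status: 405, headers: { Allow: list } };
  }
  return { status: 200, headers: { 'Access-Control-Allow-Methods': list } };
}

// Header value quoted in the issue's log output.
const REPORTED = 'PUT, GET, POST, OPTIONS,DELETE';
console.log(excessMethods(REPORTED, '/nft/col/get'));
console.log(decide('DELETE', '/nft/col/get'));
```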

Issue: Clickjacking (UI redressing) @ https://airdrop.p12.games/ && https://p12.network/

Description:

Clickjacking is an interface-based attack in which a user is tricked into clicking on actionable content on a hidden website by clicking on some other content in a decoy website. Consider the following example:

The Impact of Clickjacking:

The user assumes that they're entering their information into a usual form but they're actually entering it in fields the hacker has overlaid on the UI. Hackers will target passwords, seed words, emails and any other valuable data they can exploit.

Solutions:

  1. X-Frame-Options:

X-Frame-Options: deny

Alternatively, framing can be restricted to the same origin as the website using the sameorigin directive:

X-Frame-Options: sameorigin

or to a named website using the allow-from directive:

X-Frame-Options: allow-from https://website.com

  2. Content Security Policy (CSP)

Content-Security-Policy: policy

The recommended clickjacking protection is to incorporate the frame-ancestors directive in the application's Content Security Policy. The frame-ancestors 'none' directive is similar in behavior to the X-Frame-Options deny directive. The frame-ancestors 'self' directive is broadly equivalent to the X-Frame-Options sameorigin directive. The following CSP whitelists frames to the same domain only:

Content-Security-Policy: frame-ancestors 'self';

Alternatively, framing can be restricted to named sites:

Content-Security-Policy: frame-ancestors normal-website.com;

Version

1.0.2 (Default)

What browsers are you seeing the problem on?

Chrome

Relevant log output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
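A check for the two headers named in this issue, as an added example that is not part of the original report or the project's code: it classifies a response's framing policy from `X-Frame-Options` and the CSP `frame-ancestors` directive. The function name, result shape and sample headers are assumptions; the example also reflects that browsers supporting `frame-ancestors` enforce it in preference to `X-Frame-Options`, and that current browsers ignore `allow-from`.

```javascript
// Added example: classify a response's anti-framing headers.
// Input: plain object of header name -> value (names are case-insensitive).
function framingPolicy(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v).trim();

  // CSP first: frame-ancestors wins over X-Frame-Options where supported.
  const csp = h['content-security-policy'] || '';
  for (const directive of csp.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() !== 'frame-ancestors') continue;
    const s = sources.map((x) => x.toLowerCase());
    // No sources listed: report it rather than guess at browser behaviour.
    if (s.length === 0) return { via: 'csp', policy: 'invalid' };
    if (s.includes('*')) return { via: 'csp', policy: 'unprotected' };
    if (s.length === 1 && s[0] === "'none'") return { via: 'csp', policy: 'deny' };
    if (s.length === 1 && s[0] === "'self'") return { via: 'csp', policy: 'same-origin' };
    return { via: 'csp', policy: 'allowlist', sources };
  }

  const xfo = (h['x-frame-options'] || '').toLowerCase();
  if (xfo === 'deny') return { via: 'xfo', policy: 'deny' };
  if (xfo === 'sameorigin') return { via: 'xfo', policy: 'same-origin' };
  if (xfo.startsWith('allow-from')) {
    // allow-from is obsolete; current browsers ignore it, so the page is framable.
    return { via: 'xfo', policy: 'unprotected', note: 'allow-from ignored' };
  }
  return { via: null, policy: 'unprotected' };
}

// Constructed sample responses (not captured from the reported sites).
const SAMPLES = {
  none: {},
  legacy: { 'X-Frame-Options': 'allow-from https://website.com' },
  both: {
    'X-Frame-Options': 'DENY',
    'Content-Security-Policy': "default-src 'self'; frame-ancestors 'self';",
  },
  named: { 'Content-Security-Policy': 'frame-ancestors normal-website.com;' },
};
for (const [label, hdrs] of Object.entries(SAMPLES)) {
  console.log(label, framingPolicy(hdrs));
}
```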
