Giter Club home page Giter Club logo

youtubedownweb's Introduction

Top Lang Repo Size Issue Issue Close Pull Req Closed Pull Req License Youtube Pythonanywhere Commit Activity Last Commit Release Date

YoutubeDownWeb

live = https://youtubedown.pythonanywhere.com (Dead because just 3 month in pythonanywhere)

English

this is website for download videos/audio from youtube using flask

you can remove comment in =

<!-- <meta http-equiv="Content-Security-Policy" content="script-src 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="sandbox 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="object-src 'none'"> -->

for patch bug xss mime type like this = http://brutelogic.com.br/poc.svg

the risk is

calculate corona virus from indonesia and callender will be remove (but its okay)

and you will get score your flask web like this

image

the bug i solved from above is

mime type xss

serves image with low resolutions (srcset="urlimage.jpg 4x") =

> example like this = 
> flamingo4x.jpg — 4025 × 2672 — 3.8 MB
> flamingo3x.jpg — 3019 × 2005 — 3.7 MB
> flamingo2x.jpg — 2013 × 1337 — 1.9 MB
> flamingo1x.jpg — 1006 × 668 — 338 KB
> flamingo-fallback.jpg — 1006 × 668 — 108 KB
> Read more: https://html.com/attributes/img-srcset/#ixzz7Eg9xgXcx

bug jcquery, bootstrap and popperjs

> upgrade to the latest
>
> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
> <script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js"></script>
> <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>

and some bug , etc.

Indonesia

website ini digunakan untuk mendownload video dan audio di youtube

kamu bisa menghapus komen di baris kode ini =

<!-- <meta http-equiv="Content-Security-Policy" content="script-src 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="sandbox 'none'"> -->
<!-- <meta http-equiv="Content-Security-Policy" content="object-src 'none'"> -->

kode diatas adalah patch untuk bug xss mime type sperti ini http://brutelogic.com.br/poc.svg

resiko jika menghapus komen di baris kode atas adalah

perhitungan corona virus dari kematian sampai sembuh serta kalender akan terhapus, dan vuln xss mime type , tapi tidak apa apa karena xss tersebut self

dan kamu akan mendapatkan score flask web nya seperti digambar bawah ini jika dihapus

image

kerentanan yang sudah ku selesaikan adalah

mime type xss

serves image with low resolutions (srcset="urlimage.jpg 4x") =

> example like this = 
> flamingo4x.jpg — 4025 × 2672 — 3.8 MB
> flamingo3x.jpg — 3019 × 2005 — 3.7 MB
> flamingo2x.jpg — 2013 × 1337 — 1.9 MB
> flamingo1x.jpg — 1006 × 668 — 338 KB
> flamingo-fallback.jpg — 1006 × 668 — 108 KB
> Read more: https://html.com/attributes/img-srcset/#ixzz7Eg9xgXcx

bug jcquery, bootstrap and popperjs

> upgrade to the latest
>
> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
> <script src="https://cdn.jsdelivr.net/npm/@popperjs/[email protected]/dist/umd/popper.min.js"></script>
> <script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>

dan beberapa bug lainnya

Tutorial PythonAnywhere

1. go to http://pythonanywhere.com/
2. u choose register / signup (recomended using temp mail)
3. go to web and "add a new web app"

image

4. next
5. select flask then select python 3.9 , next
6. remove /mysite from /home/yourusernameaccount/mysite/flask_app.py -> /home/yourusernameaccount/flask_app.py , next
7. website created successfully

8. go to web again
9. in this you add (enter url) /static/   and the directory /home/yourusernameaccount/

image

10. go to files
11. create robots.txt and type flask_app.py

image

12. select all from flask_app.py , and paste it main.py or flask_app.py from this github
13. save and refresh

image

14. then go back to web
15. u can activated or no

image

16. my recommended is enabled https, after that, go to your website pythonanywhere, and click this

image

Copyright

Copyright @ 2021 Xnuvers007

image

youtubedownweb's People

Contributors

xnuvers007 avatar

Stargazers

wxzzz avatar Ihsan Devs avatar avatar Andhika Dwiky Pratama avatar avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.