Gang Html

If you think you've found a bug, post it here.

Gang Html

Postby Confuzzed on Tue, 09 Feb 2010 08:04:25 +0000

Ok why on earth has the following been removed from the gangs HTML list??

img src - The code to display an image
hr - horizontal rules

You are just making life harder and at the same time you are gng to make our pages bigger because now we have to find other ways to do simple tasks, it just aint right
Confuzzed
Donator
 
CW Profile
Posts: 173
Joined: Tue, 12 Jan 2010 17:16:43 +0000

Re: Gang Html

Postby Andi on Tue, 09 Feb 2010 09:18:49 +0000

Security/safety reasons.
Andi
Admin
 
CW Profile
Posts: 248
Joined: Fri, 30 Oct 2009 09:55:23 +0000

Re: Gang Html

Postby [POLY] returnofthamac on Tue, 09 Feb 2010 09:19:00 +0000

the admins are just screwing up the game...i vote for having lyn as the owner again :P
[POLY] returnofthamac
Newbie
 
CW Profile
Posts: 15
Joined: Fri, 01 Jan 2010 08:00:29 +0000

Re: Gang Html

Postby Confuzzed on Tue, 09 Feb 2010 10:36:36 +0000

can i ask what the security/safety reason is for removing horizontal lines?

And then again for standard pics?
Confuzzed
Donator
 
CW Profile
Posts: 173
Joined: Tue, 12 Jan 2010 17:16:43 +0000

Re: Gang Html

Postby born2hack on Tue, 09 Feb 2010 11:05:48 +0000

Confuzzed wrote:can i ask what the security/safety reason is for removing horizontal lines?

And then again for standard pics?


NO







(couldn't resist....)

See? *points below* I knew it!
Last edited by born2hack on Tue, 09 Feb 2010 11:18:30 +0000, edited 1 time in total.
This game deserves a better class of Net Guards...I'm gonna give it to 'em.
born2hack
Donator
 
CW Profile
Posts: 44
Joined: Wed, 30 Dec 2009 15:04:15 +0000

Re: Gang Html

Postby Andi on Tue, 09 Feb 2010 11:16:10 +0000

Why do I have to explain myself to you? I didn't removed them "just to annoy Confuzzed".
Andi
Admin
 
CW Profile
Posts: 248
Joined: Fri, 30 Oct 2009 09:55:23 +0000

Re: Gang Html

Postby PaPPy on Tue, 09 Feb 2010 11:54:17 +0000

im guessing marky/trin/dm/ someone that keeps fucking with the game that orsm keeps letting back

has found some CSRF that can be placed into an img
http://en.wikipedia.org/wiki/Cross-site_request_forgery


example
Code: Select all
<img src=http://cyber-wars.com/battle.php?battle=10039>


would have you attack gatekeeper, without you knowing
PaPPy
 
CW Profile

Re: Gang Html

Postby Confuzzed on Tue, 09 Feb 2010 13:32:22 +0000

Aoen wrote:Why do I have to explain myself to you? I didn't removed them "just to annoy Confuzzed".


Nah it was just to annoy everyone

PaPPy wrote:im guessing marky/trin/dm/ someone that keeps fucking with the game that orsm keeps letting back


Thank you Pappy, i didnt know you could do that
Confuzzed
Donator
 
CW Profile
Posts: 173
Joined: Tue, 12 Jan 2010 17:16:43 +0000

Re: Gang Html

Postby PaPPy on Tue, 09 Feb 2010 14:04:26 +0000

there is a pretty cool package i wanted to add that protects against that, XSS, and sql injection
called php-ids
PaPPy
 
CW Profile

Re: Gang Html

Postby Confuzzed on Tue, 09 Feb 2010 14:28:28 +0000

Aoen please add that package and give us back control over our gang pages, seriously this is annoying like hell
Confuzzed
Donator
 
CW Profile
Posts: 173
Joined: Tue, 12 Jan 2010 17:16:43 +0000

Re: Gang Html

Postby Ozy {DD} on Tue, 09 Feb 2010 16:25:46 +0000

the
Code: Select all
<hr />
is also useful in a Forum, when you Edit someone post, or if you want to put 2 different points in 1 post.

For Gang page we can't use
Code: Select all
<!--     comment    -->
either, it is useful when you need to do daily small changes, without having to copy past all again.


For these, I don't see a "security/safety reason" ...

:?: zy
Ozy {DD}
Donator
 
CW Profile
Posts: 341
Joined: Sun, 13 Dec 2009 15:11:55 +0000

Re: Gang Html

Postby Diseased Violence on Tue, 09 Feb 2010 18:37:26 +0000

you can't

<img src="pic">

but you can

<table background="pic">

right? :roll:
User avatar
Diseased Violence
Donator
 
CW Profile
Posts: 244
Joined: Sun, 13 Dec 2009 21:49:44 +0000

Re: Gang Html

Postby [1]Savage Wolf on Tue, 09 Feb 2010 19:03:16 +0000

Here's the easiest solution I can find:

If it's a certain group of people doing the security hole shit, BAN THEM. And keep them banned.

It might not bring back the HTML holes they already exploited, but it'll stop them from finding more so you can actually do things instead of slowly losing your ability to change pages because of a couple little bullshits.
[1]Savage Wolf
Donator
 
CW Profile
Posts: 34
Joined: Sun, 13 Dec 2009 15:20:05 +0000

Re: Gang Html

Postby PaPPy on Tue, 09 Feb 2010 20:40:43 +0000

[1] Savage Wolf wrote:Here's the easiest solution I can find:

If it's a certain group of people doing the security hole shit, BAN THEM. And keep them banned.

It might not bring back the HTML holes they already exploited, but it'll stop them from finding more so you can actually do things instead of slowly losing your ability to change pages because of a couple little bullshits.

proxies, aol (has like a million IPS), and other shit keeps them coming back

i had a running list of proxies and TOR IPs, and always said delete their accounts, but certain ppl were soft
PaPPy
 
CW Profile


Return to Bug Reports

Who is online

Users browsing this forum: No registered users and 1 guest