Graal Forums  

Go Back   Graal Forums > PlayerWorlds > PlayerWorlds Main Forum
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Search this Thread Display Modes
  #46  
Old 05-21-2012, 10:21 PM
Hezzy002 Hezzy002 is offline
Registered User
Join Date: Jul 2011
Posts: 247
Hezzy002 is a jewel in the roughHezzy002 is a jewel in the rough
Yay, everyone ignores my solution that can totally be scripted in!
Reply With Quote
  #47  
Old 05-21-2012, 10:31 PM
DustyPorViva DustyPorViva is offline
Will work for food. Maybe
DustyPorViva's Avatar
Join Date: Sep 2003
Location: Maryland, USA
Posts: 9,589
DustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond reputeDustyPorViva has a reputation beyond repute
Send a message via AIM to DustyPorViva Send a message via MSN to DustyPorViva
Quote:
Originally Posted by Hezzy002 View Post
Yay, everyone ignores my solution that can totally be scripted in!
I don't imagine the servers can take the extra stress of being an image host as well.
Reply With Quote
  #48  
Old 05-21-2012, 10:35 PM
cbk1994 cbk1994 is offline
the fake one
cbk1994's Avatar
Join Date: Mar 2003
Location: San Francisco
Posts: 10,718
cbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond repute
Send a message via AIM to cbk1994
Quote:
Originally Posted by Hezzy002 View Post
Yay, everyone ignores my solution that can totally be scripted in!
It can't be scripted in except with login scripts.
__________________
Reply With Quote
  #49  
Old 05-21-2012, 10:39 PM
fowlplay4 fowlplay4 is offline
team canada
fowlplay4's Avatar
Join Date: Jul 2004
Location: Canada
Posts: 5,200
fowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond reputefowlplay4 has a reputation beyond repute
Quote:
Originally Posted by DustyPorViva View Post
I don't imagine the servers can take the extra stress of being an image host as well.
They certainly could but to me it's more why waste the bandwidth?
__________________
Quote:
Reply With Quote
  #50  
Old 05-21-2012, 11:06 PM
Hiro Hiro is offline
\(^∀^)メ(≧∇≦)ノ
Hiro's Avatar
Join Date: Jan 2005
Posts: 1,965
Hiro has a spectacular aura aboutHiro has a spectacular aura about
Send a message via AIM to Hiro
Quote:
Originally Posted by bloodykiller View Post
u should be able to take images off it u wanted to, but why should graal regress like this? images were used by a lot of players
And then everyone in their right mind disables them as to not be exploited.
Reply With Quote
  #51  
Old 05-21-2012, 11:09 PM
Hezzy002 Hezzy002 is offline
Registered User
Join Date: Jul 2011
Posts: 247
Hezzy002 is a jewel in the roughHezzy002 is a jewel in the rough
Quote:
Originally Posted by cbk1994 View Post
It can't be scripted in except with login scripts.
It was in response to FP4's "Unless Stefan can script it into the PM system..."

And the servers can totally take the stress of being an image host, it's practically nothing compared to all the other images/ganis/bytecode/levels it serves, especially because of their infrequent use.

And why "waste" the bandwidth? Well, because it's a solution that works and doesn't restrict the users.
Reply With Quote
  #52  
Old 05-22-2012, 12:09 AM
nightslayer317 nightslayer317 is offline
Registered User
Join Date: Nov 2003
Location: Graal
Posts: 73
nightslayer317 will become famous soon enough
Quote:
Originally Posted by Hiro View Post
Yea we totally need images and HTML in mass messages and PMs instead of taking care of a blatant security risk.

The **** is wrong with you people? Just remove them altogether.
^
Reply With Quote
  #53  
Old 05-22-2012, 10:15 AM
Fulg0reSama Fulg0reSama is offline
Extrinsical Anomaly
Fulg0reSama's Avatar
Join Date: Sep 2009
Location: Ohio
Posts: 3,049
Fulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant futureFulg0reSama has a brilliant future
Only If there was like an approval system for any masses with <img> tags

Too bad that's also very inefficient.
__________________

Careful, thoughts and opinions here scare people.
Reply With Quote
  #54  
Old 05-22-2012, 05:04 PM
cbk1994 cbk1994 is offline
the fake one
cbk1994's Avatar
Join Date: Mar 2003
Location: San Francisco
Posts: 10,718
cbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond repute
Send a message via AIM to cbk1994
Quote:
Originally Posted by DustyPorViva View Post
Not familiar with the wordfilter, so I'll use regex, but would something like this be possible for now?

RULE
CHECK pm
MATCH {php|png|jpg|jpeg|gif}\?.\>
PRECISION 100%
WORDPOSITION part
ACTION log replace
RULEEND

Be possible?
What are you trying to accomplish? The extension is unimportant. Only the Content-Type header matters. Even without a proper image content-type header, the browser is still going to try to load it, and I still get your IP. The best solution to disable images is Jer's:

Quote:
Originally Posted by fowlplay4 View Post
Append to wordfilter/rules.txt

PHP Code:
RULE
CHECK pm
MATCH 
<img
PRECISION 100
%
WORDPOSITION part
ACTION replace
RULEEND 
As far as I know, the wordfilter rules aren't advanced enough to allow certain text to be exempted (to create a whitelist). This would have to be done with login scripts or by Stefan.
__________________
Reply With Quote
  #55  
Old 12-06-2012, 03:30 AM
scriptless scriptless is offline
Banned
Join Date: Dec 2008
Location: N-Pulse
Posts: 1,412
scriptless is a splendid one to beholdscriptless is a splendid one to beholdscriptless is a splendid one to beholdscriptless is a splendid one to behold
It's not just images.. Basically what they are doing is using an image, or any other file.. on ther website so that when you open a PM and it loads the file from there server.. they have our IP address and becasue of #a they have your account name.. they can match who is who..

you can safely do a read history before you open your pm's if your seriously paranoid about it.. images just happen to be the easiest way to accomplish it.

I think personally, it should be hard coded into graal to only allow images from the server your on because it helps people when selling items to show what they look like.


Someone correct me if I am wrong, but isn't it possible in GS2 to check pm's? I thought GK has a swear filter for that.. and if it is possible, a script could simply phrase for "<img" and warn user that a potential harm may be detected..?
Reply With Quote
  #56  
Old 12-06-2012, 09:23 AM
cbk1994 cbk1994 is offline
the fake one
cbk1994's Avatar
Join Date: Mar 2003
Location: San Francisco
Posts: 10,718
cbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond reputecbk1994 has a reputation beyond repute
Send a message via AIM to cbk1994
Quote:
Originally Posted by scriptless View Post
Someone correct me if I am wrong, but isn't it possible in GS2 to check pm's? I thought GK has a swear filter for that.. and if it is possible, a script could simply phrase for "<img" and warn user that a potential harm may be detected..?
Kingdoms uses the standard swearfilter to filter PMs. I don't think it's possible for scripts to view/modify PMs (for good reason, too). Privileged (login) scripts may be able to, but I don't think so. PMs are displayed using special GUI controls (not just standard GuiMLTextCtrls) which prohibit accessing or changing the displayed message.
__________________
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 09:55 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.