It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Small security problem or maybe it is just my browser
page: 10
share:
It might be just my browser or it might be a security issue on ATS
in this thread it looks like my post edited a post by imahumandog
as much fun as it would be to go around and edit posts by admins and mods i think it would be better if it was just fixed
in this thread it looks like my post edited a post by imahumandog
as much fun as it would be to go around and edit posts by admins and mods i think it would be better if it was just fixed
reply to post by Darkk
Without even seeing it, I'm fairly sure it's the result of someone enclosing edit tags in a quote box. But if you can give us a link, we'll have a look.
Without even seeing it, I'm fairly sure it's the result of someone enclosing edit tags in a quote box. But if you can give us a link, we'll have a look.
reply to post by yeahright
www.abovetopsecret.com...
There it is i did/could not have edited that post because as soon as i made it it appeared as humandogs post and i could not edit it. Then i posted again to see if it would change anything. The title looks like it got screwed up too
What happens if you put quotes in an edit tag?
www.abovetopsecret.com...
There it is i did/could not have edited that post because as soon as i made it it appeared as humandogs post and i could not edit it. Then i posted again to see if it would change anything. The title looks like it got screwed up too
What happens if you put quotes in an edit tag?
edit on 29-3-2011 by Darkk because: (no reason given)
edit on 29-3-2011 by Darkk because: (no reason given)
See, if I quote your post and edit it sufficiently, it looks like you edited this post.
In your case, I'm not sure what I'm supposed to be looking at. I don't see any aberrations in the link you provided.
5/19/13
google-site-verification" content="eo_RnrXfMhG-o_PdyObAXOCIWNMSJll2aNfJGLpZOYs" /
"description" content="5/19/13 EXPECT US" /
"keywords" content="5/19/13, expect us, expect, us, 5, 19, 13, 5-19-13, 19/5/13, 2013, 5/19/13, 19/5/2013, apocalypse, last, judgement, final, end, world, end of the world, end of time, final judgement" /
bgcolor="black"
di v style="visibility hidden;"
color="black" size="1"'expect us' 5/19/13! -- apocalypse, mythical end of the world [...] Day of Judgement, and, not surprisingly, the end of time."
that post
edit on 30-3-2011 by Darkk because: (no reason given)
edit on 3/30/2011 by 12m8keall2c because: well now we know how
it is done
edit on 30-3-2011 by Darkk because: (no reason given)
edit on 3/30/2011 by 12m8keall2c because: removed dangling html code skewing formatting
reply to post by Darkk
it's being caused by quoting html and div tags code, which is apparently breaking the board code when attempting to display it.
it's being caused by quoting html and div tags code, which is apparently breaking the board code when attempting to display it.
edit on 3/30/2011 by 12m8keall2c because: (no reason given)
it's being caused by quoting html and div code, which is apparently screwing up the board code when attempting to display it.
dupe
edit on 3/30/2011 by 12m8keall2c because: (no reason given)
5/19/13
google-site-verification" content="eo_RnrXfMhG-o_PdyObAXOCIWNMSJll2aNfJGLpZOYs" /
"description" content="5/19/13 EXPECT US" /
"keywords" content="5/19/13, expect us, expect, us, 5, 19, 13, 5-19-13, 19/5/13, 2013, 5/19/13, 19/5/2013, apocalypse, last, judgement, final, end, world, end of the world, end of time, final judgement" /
bgcolor="black"
di v style="visibility hidden;"
."
sounds like fun but there should be a fix for that
edit on 30-3-2011 by Darkk because: (no reason given)
edit on 3/30/2011 by 12m8keall2c because: removed dangling html code skewing formatting
5/19/13
google-site-verification" content="eo_RnrXfMhG-o_PdyObAXOCIWNMSJll2aNfJGLpZOYs" /
"description" content="5/19/13 EXPECT US" /
"keywords" content="5/19/13, expect us, expect, us, 5, 19, 13, 5-19-13, 19/5/13, 2013, 5/19/13, 19/5/2013, apocalypse, last, judgement, final, end, world, end of the world, end of time, final judgement" /
bgcolor="black"
div style="visibility: hidden;"
color="black" size="1"'expect us' 5/19/13! -- apocalypse, mythical end of the world [...] Day of Judgement, and, not surprisingly, the end of time."
There is. Use the right board tags for displaying such, as well as actual, proper and compliant html code.
edit on 3/30/2011 by 12m8keall2c because: (no reason given)
reply to post by Darkk
No one's getting snippy, just trying to afford a better understanding of what's happening here.
There are many various security measures taken to avoid any sort or possibility of code injection that both php and mysql are 'out of the box' prone and subject to.
ATS has employed security specialists to review and patch any that are found or felt to be potentially harmful, hence what you're seeing here.
Any actual html, php or mysql code will automatically have various characters, tags, etc. stripped both before and often after having been processed.
What you're seeing here is a direct result of the same. Incomplete code spat back to the browser, entire tags and/or individual opening/closing characters stripped, removed and left hanging... hence the garbled 'code' that even the most robust of browser debuggers will be hard-pressed to display properly.
Even despite the best of efforts, you can't always plan for or anticipate every scenario possible - recent events in the real world would seem a fine example of the same.
Still, a slightly ill-formatted page view certainly beats the possibility of bad or potentially harmful 'code' finding it's way into the database.
No one's getting snippy, just trying to afford a better understanding of what's happening here.
There are many various security measures taken to avoid any sort or possibility of code injection that both php and mysql are 'out of the box' prone and subject to.
ATS has employed security specialists to review and patch any that are found or felt to be potentially harmful, hence what you're seeing here.
Any actual html, php or mysql code will automatically have various characters, tags, etc. stripped both before and often after having been processed.
What you're seeing here is a direct result of the same. Incomplete code spat back to the browser, entire tags and/or individual opening/closing characters stripped, removed and left hanging... hence the garbled 'code' that even the most robust of browser debuggers will be hard-pressed to display properly.
Even despite the best of efforts, you can't always plan for or anticipate every scenario possible - recent events in the real world would seem a fine example of the same.
Still, a slightly ill-formatted page view certainly beats the possibility of bad or potentially harmful 'code' finding it's way into the database.
It is just strange that using this a normal user like me would be able to edit another members' post.
Originally posted by 12m8keall2c
reply to post by Darkk
ATS has employed security specialists to review and patch any that are found or felt to be potentially harmful, hence what you're seeing here.
Really? I'd fire them.
It's been trivial to insert _javascript in to posts for as long as i can remember. I've notified the powers that be numerous times over the years, but I've never heard back. I had hopes that it'd be fixed when the site was upgraded recently but it hasn't.
It's not a problem as long as you browse the site with _javascript disabled.
I'm happy to talk to someone about how to stop it or to give examples, but I've been saying that for years and have never heard anything back, so i wont hold my breath
Just as a brief example:
Opps, removed the examples. Apparently if you quote this post you can see how it's done.
As i said above, if the powers that be want to know how drop me an email.
edit on 31-3-2011 by Burgess because: (no reason given)