2DWorlds Forums Off Topic General Discussion v
Testing New Signature

Thread Modes
Testing New Signature
noob007 Offline
Posting Freak
*****
Posts: 823
Threads: 75
Joined: Apr 2011
Reputation: 0
#11
05-09-2011, 02:51 PM
(05-09-2011, 07:10 AM)toast Wrote:
(05-09-2011, 03:28 AM)noob007 Wrote:
(05-09-2011, 03:26 AM)toast Wrote:
(05-09-2011, 02:33 AM)noob007 Wrote:
(05-09-2011, 02:27 AM)toast Wrote: Your signature code has XSS vulnerabilities

Erm, no.

kinda yeah if you were able to change the signature variable youd be able to put html code in

But PHP scripts are only server-side. A client can't change them.

What if there was a form (that you make) where you could change your signature and it'd change the value of the variable?

Then it would change the signature because that's what it's supposed to do...
Find
Reply
Micky Offline
Posting Freak
*****
Posts: 2,617
Threads: 129
Joined: Jan 2013
Reputation: 0
#12
05-09-2011, 03:34 PM
O.o??
Find
Reply
toast Offline
Buildim's #1 edible user
****
Posts: 543
Threads: 102
Joined: Apr 2011
Reputation: 0
#13
05-09-2011, 05:42 PM
(05-09-2011, 02:51 PM)noob007 Wrote:
(05-09-2011, 07:10 AM)toast Wrote:
(05-09-2011, 03:28 AM)noob007 Wrote:
(05-09-2011, 03:26 AM)toast Wrote:
(05-09-2011, 02:33 AM)noob007 Wrote: Erm, no.

kinda yeah if you were able to change the signature variable youd be able to put html code in

But PHP scripts are only server-side. A client can't change them.

What if there was a form (that you make) where you could change your signature and it'd change the value of the variable?

Then it would change the signature because that's what it's supposed to do...

Someone could enter "<script>evil javascript here stealing users cookies and sending them to bulgaria</script>" as their signature and it'd put the javascript code in
[Image: 5widdh.png]
Siggy by McNoobster!
[Image: loading.gif]
Find
Reply
Fat_Sacks Offline
Crush. Kill. Destroy. Swag.
*****
Posts: 2,647
Threads: 177
Joined: Feb 2011
Reputation: 0
#14
05-09-2011, 06:09 PM
Wut?
[Image: 76561198037039305.png]
[Image: nmdd7o.gif]
Website Find
Reply
toast Offline
Buildim's #1 edible user
****
Posts: 543
Threads: 102
Joined: Apr 2011
Reputation: 0
#15
05-09-2011, 09:05 PM
read
[Image: 5widdh.png]
Siggy by McNoobster!
[Image: loading.gif]
Find
Reply
Qwertygiy Offline
Posting Freak
*****
Posts: 5,683
Threads: 413
Joined: Aug 2012
Reputation: 0
#16
05-09-2011, 09:25 PM
The only problem?

<a href="http://buildism.net">This code does not work in the forums.</a>
Find
Reply
Paradox Offline
I'm user 57 for a reason.
*****
Posts: 2,141
Threads: 104
Joined: Dec 2010
Reputation: 0
#17
05-09-2011, 09:55 PM
(05-09-2011, 03:13 AM)noob007 Wrote:
(05-09-2011, 03:00 AM)Paradox Wrote:
(05-09-2011, 02:33 AM)noob007 Wrote:
(05-09-2011, 02:27 AM)toast Wrote: Your signature code has XSS vulnerabilities

Erm, no.

Coder fight?

<_<

How mature the moderators are...

That wasn't meant to be taken seriously. I am very mature. I just find it annoying that the one time I try to have fun, I get criticized for it.
I found this cool Minecraft site
[Image: 76561197975251923.png][Image: n54lfl.jpg]
[Image: k1ouq9.jpg]
Find
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)