- This topic is empty.
December 18, 2017 at 9:29 am #422
So the site is still needing some loving here or there – but I can’t test every possible combination of devices, browsers, and such.. So if you guys notice any issues please post them here! I will try to keep this site in top shape for you all to enjoy. It will be helpful if you can provide the following information when submitting issues (because not everything runs the same) – [Note: You can copy and paste the following code to start your reply]:
<strong>Operating System / Device: </strong> WORDS <strong>Browser [version]: </strong> WORDS <strong>Issues:</strong> WORDS
Operating System / Device: Windows 10.1 / Touch Screen Laptop
Browser [version]: Chrome [version 63.0.3239.84 (Official Build) (64-bit)]
Issues: The text on the shop notifications is hard to read with the current colors.
Operating System / Device: Android 6.0.1 / Samsung Galaxy S6
Browser [version]: Chrome (version 63.0.3239.111)
Issues: Advertisements cause unnecessary horizontal scrolling, making it harder to read the content.
December 18, 2017 at 11:54 am #427
- This topic was modified 2 years, 3 months ago by MasterOmok. Reason: Update thingz
I don’t think this is supposed to be in Gaming, is it?December 18, 2017 at 1:00 pm #428
This is the general forum!
Edit – I just realized I made it “super sticky” which makes it sticky in all forums. Changing to regular sticky. Meow!
December 18, 2017 at 3:08 pm #433
- This reply was modified 2 years, 3 months ago by MasterOmok. Reason: Meow
Super sticky sounds hawtDecember 20, 2017 at 11:11 am #545
@masteromok so it has been brought to my attention that posts can only be edited by normal users for a certain amount of time. Can we enable edits to users own posts whenever?December 20, 2017 at 11:19 am #548
When posting to Gaming/A new Huntinggame (or something in the lines of that), I was trying out some HTML tags to see what I was able to do in this textarea. I posted a reply, but it is not visible to anybody, although it says that the lastt post was by me. Can you check this?December 20, 2017 at 11:24 am #551
so it has been brought to my attention that posts can only be edited by normal users for a certain amount of time. Can we enable edits to users own posts whenever?
@jahova – Well I can’t turn it off I guess, so it is now set to “9999999999 minutes” (19025 years) – I think that’ll work haha.
When posting to Gaming/A new Huntinggame (or something in the lines of that), I was trying out some HTML tags to see what I was able to do in this textarea. I posted a reply, but it is not visible to anybody, although it says that the lastt post was by me. Can you check this?
@majororbital – Hmm, I will see what is up with the HTML. Do you have any example code you were trying to use? Please post it in code tags please so it shows up like:
<code>December 20, 2017 at 11:32 am #552
@MasterOmok – I tried stuff like this:
<p class="test">This is a test </p>
I clicked the “code” button on top, but it in that post, but it just surounded my code with “`” and I honestly forgot about
lolDecember 20, 2017 at 12:40 pm #557
@majororbital – That syntax would be for creating “internal css” (which would need to be defined in the head element of the page). Since your post is not part of the head, that will not work correctly. What you would need to do is an “inline css” in order to accomplish what you want.
That would be something like:
<p style="color: red !important; text-align: center; font-size: 26px !important;">This is a test </p>
Which would display like:
This is a test
NOTE: I had to include “!important” for some of the style elements. This is because the theme’s style sheet is set to !important to override various plugin settings.
There are limits to what a regular user can include (for security reasons). All of the usable ones can be found as buttons above the post. These are the only HTML code pieces that a regular user can use:
// Links 'a' 'href' 'title' 'rel' 'target' // Quotes 'blockquote' 'cite' // Code 'code' 'pre' // Formatting 'em' 'strong' 'del' 'datetime' // Lists 'ul' 'ol' 'start' 'li' // Images 'img' 'src' 'border' 'alt' 'height' 'width'
December 20, 2017 at 12:48 pm #559
- This reply was modified 2 years, 3 months ago by MasterOmok. Reason: forgot closing tag, lawls
Omok TestUserParticipantPosts: 1Registered: 12/20/2017
(this is a regular user) So it will remove any HTML tags that are not allowed, and display as regular text:
<p style=”color: red !important; text-align: center; font-size: 26px !important;”>This is a test </p>December 20, 2017 at 1:30 pm #560
Aha now I see, ok great! Thanks! But there is no way you can repost my post on the hunt:showdown post?
I can’t reply to that post anymoreDecember 21, 2017 at 8:40 am #581
Not sure what you mean on that. There are no revisions saved for a post – just its current state.January 10, 2018 at 10:29 am #731
VladimirFamParticipantPosts: 1Registered: 01/10/2018
1) An attacker can see the entire structure of files and subdirectories from this site (www.imjahova.com)
Sensitive files are ‘hidden’ among public files in that location and attackers can use this vulnerability to access them.
Very simple fix, just deny directory listing & as another measure you should verify that there are no sensitive files at the mentioned URLs.
2) The website is missing HTTP security headers (X-Frame-Options, X-XSS-Protection, Strict-Transport-Security & X-Content-Type-Options)
The fix is just like this, setting the X-Content-Type-Options header to “X-Content-Type-Options: nosniff”, setting the Strict-Transport-Security header, setting the X-XSS-Protection header to “X-XSS-Protection: 1; mode=block” & lastly add the X-Frame-Options HTTP response header to every page that you want to be protected against Clickjacking attacks.
3) Not a security risk but i’d disable robots.txt to the public. (may lead to sensitive locations on the website (ex. administration panels, configuration files, etc).
4) The server software/ plugins and such are public too which is a risk in my opinion – allows attackers to know what version of WordPress you’re using and we all know that every WordPress version had vulns in it and some plugins too. Not saying there are any vulns, just be wary of it
Fix is very easy; get rid of the information which permits the identification of software platform, technology, server and operating system: HTTP server headers, HTML meta information, etc.
September 4, 2018 at 8:17 am #1242
- This reply was modified 2 years, 2 months ago by VladimirFam.
The site has gone through huge changes (both visible and behind the scenes)! Please let me know if you find any issues or things that looks off. This may be certain text is hard to read, bad colors for various elements, and things of the sort. Also let me know if there are any issues such as broken links, cannot login, or any thing else!September 6, 2018 at 8:35 am #1297
Everything looks great!
- You must be logged in to reply to this topic.