ONLINE NOW: 44       LAST 24 HOURS: 122  
« First <         > Last »
F F F F
Game News posted by Zorg
Sunday, November 7th 2010
All these error messages suck, I'm going to tone back the CSRF protection a bit to fix them. Right now the key changes constantly as you cycle through pages, this seems a little overkill for the problem. As long as you don't go entering the "key=value" from your URL in to any other sites it should be pretty secure with a more static key. I think I'll try just changing it on logins for now, then see if I can write an exploit that will get around it.

I'll be waiting a few days before releasing the source code for the exploit, sorry for the inconvenience of all these error messages. They will be fixed shortly.
Kizaaz
"first"
Matty
"So, I use the back button a lot... Does this now suck for me? "
Jess
"please remove the comformation msg for using items...dropping and selling, yes...using "
anialator
"None yet for me, though I actually haven't used my inventory today "
tghowcroft
"Had no idea what you just said, but it's cool "
GAGANB
"I didnt even know about this stuff until you told me Zorg. How was it a problem to begin with?"
noctem
"Thanks "
junglewolf
"can u remove the confirmation msg from using items (what jess said) and also the useless "drop item" option (since we wont have confirmation msg i hope)."
Moonpig
"Ive only had 1 so far and that due to diong something stupid. Also keep in mind youre the one who codes so its easier to exploit your own stuff."
CodeHydro
"It could be set in user preferences. Like people could choose paranoid mode, medium, or no security. It's really unnecessary for users who don't post urls, while good for those who do."
Zorg
"Yet again, you're totally miss understanding how CSRF exploits work CodeHydro. It has NOTHING to do with posting URLs, it is a browser born exploit."
Cyclone
"@CodeHydro, when you visit the site, the site PULLS the address you came from, regardless of what you do. <- Make it a little clearer on why this is a problem?"
007Ben
"i agree with Jess & junglewolf. Ths conformation messages are more annoying than they are helpful"
Halloween 2023
 - Updated by Pie

Meep Coin
 - Updated by Pie

Meepcoin
 - Updated by Pie

Halloween 2023
 - Updated by Pie