Topic: More FA coding failure

ColeTrain

More FA coding failure
« on: September 05, 2011, 02:59:50 am »
So it appears someone on lulz discovered some small coding backholes, which allow a user to spam someone's page tab with one and the same shout, by pressing F5 repeatedly at the "Your shout has been made!" notification page. Some other holes include, for example, a thumbnail hack:

Quote
first post gets bigger thumbnail, scaled up to 185x185 preserving aspect ratio so squares get pretty big.

What is funnier is how FA handles avatar scaling in :iconuser: links in journals and comments. It scales the icon preserving aspect ratio to make it 50px horizontally.

Try setting attached image as your av then post a comment with text :icon your username : (without spaces).

So basically, you can get a result like something on this page here: http://www.furaffinity.net/user/rainpup/

Let's see what else might be found with fiddling...
EDIT: never mind, looks like Yak sniffed it out and fixed the avatar enlargement issue, or at least patched it up. As for the multiple shouts one, it's still present.
 
 
« Last Edit: September 05, 2011, 09:01:21 am by ColeTrain »

ProvincialTwit

Re: More FA coding failure
« Reply #1 on: September 05, 2011, 09:16:10 am »
Screenshots, people.  Screenshots.  alt-prtscn in windows, open mspaint, ctrl-v to paste, save. 

Jim Demintia

Re: More FA coding failure
« Reply #2 on: September 05, 2011, 12:08:26 pm »
For what it's worth the multiple shouts thing isn't a bug as such. This is possible on almost any website, it's just that the retarded use of GET vs. POST means that the browser doesn't pop up the "This action will be repeated" box.
« Last Edit: September 05, 2011, 06:30:32 pm by Jim Demintia »
Can it be this sad design
Could be the very same
A wooly man without a face
And a beast without a name
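
An added illustration of the GET vs. POST point in the reply above (editorial example, not code from this thread or from FA; the `ShoutBoard` class, the `/shout` paths and the one-time token scheme are assumptions). It models the refresh behaviour with a write-on-GET confirmation page next to a POST handler that redirects and spends a form token:

```python
import secrets

class ShoutBoard:
    """Toy model of a profile's shout list (hypothetical, not FA's code)."""
    def __init__(self):
        self.shouts = []
        self.tokens = set()          # unspent one-time form tokens

    def render_form(self):
        token = secrets.token_urlsafe(16)
        self.tokens.add(token)       # embedded in the form as a hidden field
        return token

    def handle_legacy(self, method, path, params):
        # Weak pattern: the URL that shows the confirmation also does the write.
        if method == "GET" and path == "/shout":
            self.shouts.append(params.get("text", ""))
            return 200, {}
        return 404, {}

    def handle(self, method, path, form=None):
        form = form or {}
        if path == "/shout":
            if method != "POST":     # state changes are refused over GET
                return 405, {"Allow": "POST"}
            if form.get("token") not in self.tokens:
                return 409, {}       # token already spent (replay) or never issued
            self.tokens.discard(form["token"])
            self.shouts.append(form.get("text", ""))
            # Post/Redirect/Get: the page the browser lands on is a plain GET.
            return 303, {"Location": "/shout/done"}
        if path == "/shout/done" and method == "GET":
            return 200, {}
        return 404, {}

def simulate(n_refreshes=5):
    legacy, fixed = ShoutBoard(), ShoutBoard()
    for _ in range(1 + n_refreshes):              # first load plus each F5
        legacy.handle_legacy("GET", "/shout", {"text": "hi"})
    token = fixed.render_form()
    form = {"text": "hi", "token": token}
    _, headers = fixed.handle("POST", "/shout", form)
    for _ in range(n_refreshes):                  # F5 only re-fetches the notice
        fixed.handle("GET", headers["Location"])
    replay_status, _ = fixed.handle("POST", "/shout", form)  # resubmitted form
    return len(legacy.shouts), len(fixed.shouts), replay_status
```
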

Conan

Re: More FA coding failure
« Reply #3 on: September 05, 2011, 01:17:30 pm »
They "fixed" the avatar thing by forcing avatars to display as squares (but not before fucking up avatars on the entire site).

Now, because FA doesn't mandate perfectly square icons be uploaded, anyone with something that's not perfectly square will end up with a stretched avatar. No one bothered to think that one through before mashing their keyboard and rolling out a "fix".

Jim Demintia

Re: More FA coding failure
« Reply #4 on: September 05, 2011, 03:15:14 pm »
So are they just setting the HTML height/width attributes, or are they actually munging the image bits when it is uploaded? With FA as overloaded as it is it seems unwise to add additional server side image checks, especially since image format loaders are well known sources of security vulnerabilities due to mishandling of malformed input.

Conan

Re: More FA coding failure
« Reply #5 on: September 05, 2011, 04:30:26 pm »
Quote
So are they just setting the HTML height/width attributes, or are they actually munging the image bits when it is uploaded? With FA as overloaded as it is it seems unwise to add additional server side image checks, especially since image format loaders are well known sources of security vulnerabilities due to mishandling of malformed input.

I should have clarified, the avatars themselves are untouched, but when you embed them with :icon[username]: they're simply stretched, squished, and distorted into 50px*50px.

This goes in:

and with :icon[username]:, this comes out:


They're both the same file, loaded from the same place.

Pi

Re: More FA coding failure
« Reply #6 on: September 05, 2011, 04:41:39 pm »
Never mind when it obviously breaks! It works well enough!
"we did farts.  now we do sperm.  we are cutting edge." — Theo DeRaadt

Jim Demintia

Re: More FA coding failure
« Reply #7 on: September 05, 2011, 06:29:05 pm »
Seems like you used to be able to crash Mozilla (and the X server with it) in the olden days by making it try to resample, say, a 16,384px PNG. Who knows what the deal is now with this GPU bullshit that's everywhere, but I suspect this is far from all the havoc you can wreak with image rendering on FA.
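
An added illustration for the avatar discussion in Replies #3, #4 and #7 (editorial example, not code from this thread or from FA; the 1024px limit, the square-only policy and the function names are assumptions). It checks an uploaded PNG's declared dimensions from the fixed-size IHDR header alone, so oversized or non-square images are rejected before any image decoder or resampler touches them:

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MAX_SIDE = 1024  # assumed policy limit, not a value from the thread

def make_header(width, height):
    """Build a constructed PNG signature + IHDR chunk to use as sample input."""
    body = b"IHDR" + struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)
    return PNG_SIG + struct.pack(">I", 13) + body + struct.pack(">I", zlib.crc32(body))

def check_avatar(data, max_side=MAX_SIDE, require_square=True):
    """Return (ok, reason) using only the first 33 bytes; pixels are never decoded."""
    if len(data) < 33 or data[:8] != PNG_SIG:
        return False, "not a PNG"
    length, ctype = struct.unpack(">I4s", data[8:16])
    if length != 13 or ctype != b"IHDR":
        return False, "bad IHDR"          # IHDR must come first and be 13 bytes
    (crc,) = struct.unpack(">I", data[29:33])
    if zlib.crc32(data[12:29]) != crc:    # CRC covers chunk type + chunk data
        return False, "bad IHDR CRC"
    width, height = struct.unpack(">II", data[16:24])
    if not (0 < width <= max_side and 0 < height <= max_side):
        return False, f"dimensions {width}x{height} out of range"
    if require_square and width != height:
        return False, f"not square: {width}x{height}"
    return True, f"{width}x{height}"
```

Rejecting non-square uploads at this point is one alternative to forcing a 50px by 50px box at display time; the header check limits what reaches the decoder but does not replace keeping the decoder itself patched.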

ProvincialTwit

Re: More FA coding failure
« Reply #8 on: September 05, 2011, 08:04:43 pm »
This would be a lot funnier if you could embed an mp3 into a gif and trick FA into serving up the secondary mime type, so for every instance of an icon on a page, it makes the browser play a separate instance of an mp3.