Scratch
archived forums
#26 2012-03-28 19:32:45
- TorbyFork234
- Scratcher
- Registered: 2012-03-01
- Posts: 1000+
Re: My new antidote script
Did you get your site approved by the Scratch Team?
Offline
#27 2012-03-29 10:03:46
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
TorbyFork234 wrote:
Did you get your site approved by the Scratch Team?
No, how might I do that?
EDIT: We have to wait till June 
Last edited by GeonoTRON2000 (2012-04-06 21:07:36)
Offline
#28 2012-04-06 21:09:43
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
I have brought it to full compatibility with Rookwood101's antidote, including the detector image, so now it's honestly a question of which you prefer.
Offline
#29 2012-04-06 21:20:11
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
nathanprocks wrote:
GeonoTRON2000 wrote:
Teehee. New version. All onloads disabled.
Did you disable the <script /> and <iframe />? (Yes, in-line frames can run JS too lol.)
Yes. Along with all HTML. That's a different plugin by me.
Offline
#30 2012-04-12 23:10:43
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
nathanprocks wrote:
GeonoTRON2000 wrote:
It now passively enables HTML.
For example:
<input type="text" value="You can't do this in BBCode." />This is very insecure. That is why Rookwood101 didn't put that in his code (and also made it hard to hack the tags to add code too).
Mehehehehe... with this new version... you can add code, but it has no effect!!!!
Offline
#31 2012-04-12 23:18:15
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
GeonoTRON2000 wrote:
nathanprocks wrote:
GeonoTRON2000 wrote:
It now passively enables HTML.
For example:
<input type="text" value="You can't do this in BBCode." />This is very insecure. That is why Rookwood101 didn't put that in his code (and also made it hard to hack the tags to add code too).
Mehehehehe... with this new version... you can add code, but it has no effect!!!!
At least... not javascript. You can still use CSS.
Offline
#32 2012-04-14 11:44:40
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
rookwood101 wrote:
![http://www.silentrunners.org/graphics/s … source');](http://www.silentrunners.org/graphics/sr/sr_5.gif"%20onload="alert(If%20you\re%20seeing%20this%20in%20an%20alert%20box,%20the%20userscript%20isn\t%20secure.%20Your%20password%20cookie:%20%20+%20document.cookie%20+%20I%20could%20quite%20easily%20send%20this%20to%20a%20third%20party%20source);){kind=link}
It wouldn't be document.cookie. That returns all cookies. What you want is this:
Code:
function getCookieArray() {
var cookies = document.cookie.split("; ");
var cookie = [];
for (var i = 0; i < cookies.length; i++) { var sel = cookies[i]; things = sel.split("="); var name = things[0]; var value = things[1]; cookie[name] = value; }
return cookie;
}
var cookies = getCookieArray();
alert('If you\'re seeing this, the userscript isn\'t secure. Your session id: '+cookies["PHPSESSID"]+'. I could easily extract your password and send it to a third party source.');Offline
#33 2012-04-18 22:04:36
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
ANNOUNCEMENT! PLEASE READ:
This will now be called GTDote, due to a request by rookwood101 that it not be called antidote. Thank you for your time. There is also a short download link: http://yon.se/gtdote
Offline
#34 2012-04-30 10:17:25
- GeonoTRON2000
- Scratcher
- Registered: 2009-12-24
- Posts: 1000+
Re: My new antidote script
GeonoTRON2000 wrote:
TorbyFork234 wrote:
Did you get your site approved by the Scratch Team?
No, how might I do that?
EDIT: We have to wait till June
Wait... nevermind. It's been approved.
Offline