Enrive[a / b / biz / c / co / g / gg / global / k / lit / Movies / mu / nsa / pc / pol / sci / toon / tv / x]

Suggestions - /gg/[Catalog][Board FAQ]

[?]


TopBottom
Image Thumbnail

>Your anonymous ID must have been active for at least 2 days and have at least 25 posts before you can post on general boards. New users must first post at /newchums/. Please click here to be redirected to the new users board. https://ccluster.com/newchums Ya might want to update that to enrive.org from ccluster.com

>>

>>7459 my bad for posting marky nudes thought she was 19 in those pics anyhow, AnonymousID/Benefits is showing >You have 250 posts and 452 active days Why can't I post with that account?

>>

>>7460 yet i can still report spam with that account I'm assuming my active days have a 2 day punishment..

>>

Took me a while to figure that one out fucker. I finally went to newchums and filled in the captcha >Your anonymous ID has been banned until: 2018-07-15 19:48:30. Until then, your post count will effectivelly be treated as having no more than 1 posts. Additionally, Your anonymous ID actual post count was penalized by: 10%. >Reasons for this may be: posting illegal images, malicious doxing, disruptive spamming, reporting posts where it was clear no illegal content/spam existed. >effectivelly Did you mean effectively? Pleb

>>

>>7459 This stuff should be on the front page. The front page STILL doesnt have a direct link to the rules and FAQ

>>

>>7467 This is on purpose, if you can't bother to lurk for 5 minutes and figure this shit out, you don't need to be posting here.

>>

>>7468 disagree

>>

some people are too stupid

>>
Image Thumbnail

>>7459 Just so you know, this is still a problem Gaddy.. >screenshot shows the link to ccluster, in the lower left corner, when my mouse is hovering over the link on the page you get when you try to make a post on any board other then newchums without enough days/posts with a new Anon ID..

>>
Image Thumbnail

>>7472 A whole new version of enrive's internal coding is coming soon and that will be fixed then

>>
Image Thumbnail

>>7473 >implying Gad is still alive Dead meme is dead chum

>>
Media deleted

>>7474 it´s real

>>
Image Thumbnail

>>7475 Is you gonna release a copy of the code so we can make our own Masterchans?

>>
Image Thumbnail

Gad, I just noticed that images from the sekrit board are showing up on curious wtf....

>>
Image Thumbnail

Help me understand the &Masterchanuser tag in the url.. >be me >bored >click on the twitter link on the top right corner of the screen >you haven't tweeted in 2 years >search twitter for enrive.org >pic related I click link and see: >Redirect Notice >The previous page is sending you to https://ccluster.com/?c&m&p&t&o&of=379&MasterChanUser=i7joa3kpb61asc0vl94f8fmfi2.

>>
Image Thumbnail

>>7478 >i7joa3kpb61asc0vl94f8fmfi2 So each user has a cookie with this string attached to their activity, and google is tracking it? Am I on to something here?

>>
Media deleted

>>7476 I intend to, perhaps when we are more solidified and also once I feel my code is finally professional enough to be shared. I'm scared of someone using it and making a fake site that pretends to be about free speech and anonymity, takes the traffic from us through marketing rather than actual features. Once people out there have a better understanding of how we work and why we are different I'd feel safer releasing it. I also gotta comb it for exploits a bit more myself before releasing,l since pretty much everything in the code was changed compared to previous versions, so it will be a while. >>7477 This will be fixed in the new version too, the current way secret boards work are a hack. I'll probably make so anyone can make a secret board, but keep sekrit on >>7479 >>7478 Yes, masterchan user is a cookie, I have no idea why you are getting it on your URL, weird

>>
Image Thumbnail

>>7480 >masterchan user is a cookie I looked at a free website vulnerability scanner website.. >https://pentest-tools.com/website-vulnerability-scanning/web-server-scanner# >pic related >Insecure HTTP cookies >Cookie Name Flags missing >MasterChanUser Secure >Risk description: >Since the Secure flag is not set on the cookie, the browser will send it over an unencrypted channel (plain HTTP) if such a request is made. >Thus, the risk exists that an attacker will intercept the clear-text communication between the browser and the server and he will steal the cookie of the user. If this is a session cookie, the attacker could gain unauthorized access to the victim's web session. >Recommendation: >We recommend reconfiguring the web server in order to set the flag(s) Secure to all sensitive cookies. >More information about this issue: >https://blog.dareboost.com/en/2016/12/secure-cookies-secure-httponly-flags/.

>>
Media deleted

>>7481 Thank you. As I recall from the old code, some cookies are secure while others are not, if I am correct so javascript can have access to the unsecured ones. For example, the cookies for auto updating a thread are not secure, since it is not sensitive information and javascript needs that access But I'll review them as I keep finishing the new code. It may be that HTTPS only cookies and javascrpit access cookies are completely two different settings either, and maybe all cookies should be HTTPs only

>>

>>7480 >I'll probably make so anyone can make a secret board Dood.. that would be so fucking sweet

>>

>>7480 >takes the traffic from us.. Wouldn't want another dead chan out there lmao




Update 5