The official hack testing thread
-
I need a place to test some stuff and I can't be arsed to register on try.discourse.org. Even less so to install my own Discourse instance, what with all the madness of 17 different engines running 47 languages.
Also, I think most people wouldn't be happy with kind of stuff that this community is gonna try and come up with so I think it would be better to do this kind of thing in our own back yard.
So, in lieu of the similar topic over from CS (whose name I can't remember, I know, I'm TRWTF), I'm opening this one for specific purposes of breakage. Just try to avoid crashing the damned thing so it doesn't become useless.
-
this is a test
<tdwtf_signature_marker></tdwtf_signature_marker>
Hello!
-
B̛̙̤̪̥͍̥̃ͤͮͦ̉́̐̽̀r̶ͮ̈̅͑ͩ͐͆̌͗̿͐̈ͥ̅̃̇͟͏̸̱̩̦̪e̷̸̱̘̖̲̜͎̻̰ͨ͊̐̒́͟͟a̸̵ͧ̆ͫ͐̍̽͐̈̇ͭ̽̍̑ͮ͜͏҉̫̰̬͖͇̯̘͕͖̰̤̹̰̯̬̝ͅk̶̸̸̡ͩ͛̿̐̌͗̏̊̉̉͗̈̇̚͏̼̙̥̙ ̷̢̮̩̠͓͈̺̹̠̙̝̬̣̠̭͕̺ͭͪ̽̓̓̍̋ͮ͋͊͒ͣͯ̉̇͟͠A̞̲̘̘͖̹̳͕̺͖̣͍ͬ̊̇ͣ̏͑ͨ͂͗̇ͯͤ́ͅl̴̢̛̲̪͕̯̰̰̖̫̰͚͓̱͖͚̣̅̾̒̓̈ͦ̽͆̒ͥ̏̈́̀̚l̴̸̛̥̲̥̭̯̯̪̒̔̓̋͒̀̇̃̇̄ͤ̊̅̚̕͠ ̸̙̲̮̼̻͇̱̟̯̮̞͙̥̾̌̀̏̽̒͂ͬ̋͗ͣͭ̾͘T̷̷̲͙̠͇̻̦̦̫̰̯̟͓̩͈͎͇̻̯͛̿̓ͧ̓͊̕͜͠ḩ̻̩̘̖̱̟̻͔͔̬̪̯͔̮̠̙̪̱̏̅̏͛ͨ̈̐́̇̐̓̇ͭͭ̉̏ͧ̈́͘͞ͅį̢̖̱̭̺͓̲͍͍̙͉͎̜̰̳͎̏ͩ̈́ͭ͊͗̌ͯͤ͂͟͡ͅn̷̢̡̺͍̫̝͚͔̭̪̼͇̜̲͍̳̺͕̲̾͒̍͂̿͌ͨͮ̐̈́̄̑͛ͤ̉̑̓ͤͦͅͅg̸̖̲̳͎͎̫͚͂͑ͬ͊̕͞s̶̸͈̘̮͇̖̯͖̠͉̭͎̳̣͓̫͕̮̱͛͊ͥ̓ͣͫ̾̑̉̌̑̔͗̋ͣ̒
-
B̛̙̤̪̥͍̥̃ͤͮͦ̉́̐̽̀r̶ͮ̈̅͑ͩ͐͆̌͗̿͐̈ͥ̅̃̇͟͏̸̱̩̦̪e̷̸̱̘̖̲̜͎̻̰ͨ͊̐̒́͟͟a̸̵ͧ̆ͫ͐̍̽͐̈̇ͭ̽̍̑ͮ͜͏҉̫̰̬͖͇̯̘͕͖̰̤̹̰̯̬̝ͅk̶̸̸̡ͩ͛̿̐̌͗̏̊̉̉͗̈̇̚͏̼̙̥̙ ̷̢̮̩̠͓͈̺̹̠̙̝̬̣̠̭͕̺ͭͪ̽̓̓̍̋ͮ͋͊͒ͣͯ̉̇͟͠A̞̲̘̘͖̹̳͕̺͖̣͍ͬ̊̇ͣ̏͑ͨ͂͗̇ͯͤ́ͅl̴̢̛̲̪͕̯̰̰̖̫̰͚͓̱͖͚̣̅̾̒̓̈ͦ̽͆̒ͥ̏̈́̀̚l̴̸̛̥̲̥̭̯̯̪̒̔̓̋͒̀̇̃̇̄ͤ̊̅̚̕͠ ̸̙̲̮̼̻͇̱̟̯̮̞͙̥̾̌̀̏̽̒͂ͬ̋͗ͣͭ̾͘T̷̷̲͙̠͇̻̦̦̫̰̯̟͓̩͈͎͇̻̯͛̿̓ͧ̓͊̕͜͠ḩ̻̩̘̖̱̟̻͔͔̬̪̯͔̮̠̙̪̱̏̅̏͛ͨ̈̐́̇̐̓̇ͭͭ̉̏ͧ̈́͘͞ͅį̢̖̱̭̺͓̲͍͍̙͉͎̜̰̳͎̏ͩ̈́ͭ͊͗̌ͯͤ͂͟͡ͅn̷̢̡̺͍̫̝͚͔̭̪̼͇̜̲͍̳̺͕̲̾͒̍͂̿͌ͨͮ̐̈́̄̑͛ͤ̉̑̓ͤͦͅͅg̸̖̲̳͎͎̫͚͂͑ͬ͊̕͞s̶̸͈̘̮͇̖̯͖̠͉̭͎̳̣͓̫͕̮̱͛͊ͥ̓ͣͫ̾̑̉̌̑̔͗̋ͣ̒
Wonder how this affects replies with quotes...
-
B̛̙̤̪̥͍̥̃ͤͮͦ̉́̐̽̀r̶ͮ̈̅͑ͩ͐͆̌͗̿͐̈ͥ̅̃̇͟͏̸̱̩̦̪e̷̸̱̘̖̲̜͎̻̰ͨ͊̐̒́͟͟a̸̵ͧ̆ͫ͐̍̽͐̈̇ͭ̽̍̑ͮ͜͏҉̫̰̬͖͇̯̘͕͖̰̤̹̰̯̬̝ͅk̶̸̸̡ͩ͛̿̐̌͗̏̊̉̉͗̈̇̚͏̼̙̥̙ ̷̢̮̩̠͓͈̺̹̠̙̝̬̣̠̭͕̺ͭͪ̽̓̓̍̋ͮ͋͊͒ͣͯ̉̇͟͠A̞̲̘̘͖̹̳͕̺͖̣͍ͬ̊̇ͣ̏͑ͨ͂͗̇ͯͤ́ͅl̴̢̛̲̪͕̯̰̰̖̫̰͚͓̱͖͚̣̅̾̒̓̈ͦ̽͆̒ͥ̏̈́̀̚l̴̸̛̥̲̥̭̯̯̪̒̔̓̋͒̀̇̃̇̄ͤ̊̅̚̕͠ ̸̙̲̮̼̻͇̱̟̯̮̞͙̥̾̌̀̏̽̒͂ͬ̋͗ͣͭ̾͘T̷̷̲͙̠͇̻̦̦̫̰̯̟͓̩͈͎͇̻̯͛̿̓ͧ̓͊̕͜͠ḩ̻̩̘̖̱̟̻͔͔̬̪̯͔̮̠̙̪̱̏̅̏͛ͨ̈̐́̇̐̓̇ͭͭ̉̏ͧ̈́͘͞ͅį̢̖̱̭̺͓̲͍͍̙͉͎̜̰̳͎̏ͩ̈́ͭ͊͗̌ͯͤ͂͟͡ͅn̷̢̡̺͍̫̝͚͔̭̪̼͇̜̲͍̳̺͕̲̾͒̍͂̿͌ͨͮ̐̈́̄̑͛ͤ̉̑̓ͤͦͅͅg̸̖̲̳͎͎̫͚͂͑ͬ͊̕͞s̶̸͈̘̮͇̖̯͖̠͉̭͎̳̣͓̫͕̮̱͛͊ͥ̓ͣͫ̾̑̉̌̑̔͗̋ͣ̒
So...
Is this the place where I mention that we need a new tag cloud to attack?
-
what with all the madness of 17 different engines running 47 language
For the record, our Docker install is trivial, installing Docker is the only barrier to reading.
-
Well, the thread served my purpose so far, I managed to get my hackery working so far:
http://what.thedailywtf.com/t/so-i-kinda-sorta-made-signatures/1083
Filed under: Wow, that's a pretty mess of code
-
You should issue a password reset email for anyone reading the thread, it only requires session data, not actual login.
-
If you can't get a password reset email without being logged in, that might be an issue. You know, with the whole reason password reset emails were invented.
-
Password reset from preferences, not forgot password, ben.
-
I thought they were the same thing
-
what with all the madness of 17 different engines running 47 languages.
Reading the various install procedures reminded me of the "online installers" that Adobe and Google now use. Where you apparently need to download an installer just to run the actual installer (obligatory related xkcd).
The "easy way" to get a working development environment is apparently to install a program that downloads some stuff and creates a VM where you can run a command to download and install the actual code dependencies.
(you can get a pre-built VM with Discourse installed here by the way)
-
The "easy way" to get a working development environment is apparently to install a program that downloads some stuff and creates a VM where you can run a command to download and install the actual code dependencies.
I tried that. It ended up with Vagrant complaining about my VirtualBox version (it wanted something ancient), then doing some conversion magic which required additional 15ish GB disk space, and after it chugging for about an hour I finally started the VM... and ended up confronting step 2 in the howto.
I was done at that point and just sent it all to
/dev/null
, since I lost my will to live at that point, let alone trying to figure out how all this magic works and learning Ruby so I can actually start working on a plugin.
-
I suspect functionally they are, but one requires you to know the email you're requesting the password for, the other doesn't.
-
You know, when I saw this topic, I thought it was about the language which is also a WTF.
-
This is a reply in a topic to Matches, based on me cancelling a reply to matches in this topic and attempting to repro that bug.
-
Don't use bitnami, pretty please. Its not recommended by us.
If you want to use a VM use boot2docker and then https://github.com/discourse/discourse_docker really it is super simple only takes 10-20 minutes.
-
Docker is not set up as a development environment, is it? Do we even want people doing that if their intention is to do development work on Discourse?
-
Do we even want people doing that if their intention is to do development work on Discourse?
I am in the process of getting docker dev environment up, still not ready but in a few weeks.
-
Damn... didn't work.
-
-
Are you trying to embed me in an ordered list?
- A single penguin with a gun is adorable.
- An ordered list of penguins with guns is an army.
I was trying to float an image to far left, but only the list indicators overflow, unfortunately.
-
http://what.thedailywtf.com/t/the-official-hack-testing-thread/1081/23
selfquote
selfquote
edit: whoops, that wasn't meant to be a reply, sorry Onyx.
-
Is that url now off-limits for oneboxing?
http://what.thedailywtf.com/t/the-official-hack-testing-thread/1081/23
-
Testing reply button hits...
-
Yet another reply button hit test...
-
Foo
-
Reply 3@faoileag said:
Reply 3
-
-
Ok, step I: create a post@faoileag said:
Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.@faoileag said:Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.@faoileag said:Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.@faoileag said:Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.@faoileag said:Ok, step I: create a post
Step two: reply to it, then hit edit, then hit quote.
-
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
@faoileag said:
New Test, edit 1
New Test, edit 2
edit 3.
edit 4.
edit 5
edit 6 - find the reply that's not a self reply.
edit 7 - deeper nesting
Edit 8 - adding 10 nesting levels.
-
-
-
Are you bug testing or just fooling around with self-quoting? Because that should be easy, let me see if I can do ti without edits.
Are you bug testing or just fooling around with self-quoting? Because that should be easy, let me see if I can do ti without edits.
Ninja: yup, you can just write the quote tags manually, seems like there's no sanity checking.
-
-
Look ma I'm quoting myself in the future!
-
Bug: I can't expand my quote-within-quote recursively!
Paging @ben_lubar
-
Are you bug testing or just fooling around with self-quoting?
Just tried to understand how I got the self-replying post in the place, then that somehow ended in trying to see if I could break things :-)
-
-
Yet another test post
-
-
-
-
9007199254740992
That's ECMA-Script MaxInt.Ok, 9007199254740991, 9007199254740992, and 9007199254740993 as post ids / topic ids trigger a error 500 response.
Minor Edit, firebug is on.
-
-
Who would ever do that?
That thread has a looooong way to go, before it hits 9007199254740992 posts!Edit says: since you can type whatever you want in the editor, I wanted to have a look at how Discourse sanitizes that input.
Obviously, post and topic ids could do with a bit more sanitizing.
-
@faoileag, post:0x2E, topic:0x49 said:
since you can type whatever you want in the editor, I wanted to have a look at how Discourse sanitizes that input.
And hex?Edit: are taken as strings. Hmmm....
-
@faoileag, post:../../../, topic:../../ said:
Edit says: since you can type whatever you want in the editor, I wanted to have a look at how Discourse sanitizes that input.
If strings are accepted, what kind of strings?Edit: oh, you can use
../../
as post/topic ids...
-
I wanted to have a look at how Discourse sanitizes that input.
With regular expressions it would seem. Markdown is parsed by regex at least.
I'm expecting major breakage any day now.
-
@faoileag, post:../../../, topic:../categories said:
Edit says: since you can type whatever you want in the editor, I wanted to have a look at how Discourse sanitizes that input.
Linking to "categories" page... (edit) doesn't work