Even More DiscoMD5 Nonsense
-
To be fair, most people don't use anything other than basic markdown...I can't imagine any other way of exporting them though.
-
@Lorne_Kates said:
2. Does the permanently fuck up "Download My Posts" for anyone who posted a server-crashing post? (Or anyone who replied to it)? Or does DiscoDownload differentbake those files?
You get a .zip with those, right? The baked MD5 fuckery posts should compress rather well, if nothing else.
Filed under: zip bomb, discostyle
-
Yes.
Why? (Besides the obvious DickSauce and DoingItWrongTM answers)I get that they want to display something in the thread to give the illusion that the posting was successful although the server is still "cooking" it, but that content is on the client already. Why send it to the server as well?
DiscoCompare what the client "cooking" and the totally different server "cooking" did? I honestly can't think of anything that makes even a tiniest smidgen of sense.
-
@Lorne_Kates said:
Is this going to fuck up the migration? Does this mean the migration off this fuckswing will have to do MD5 parsing?
If we migrate the "raw": Yes.If so, does that mean the migration will need to be smrt enough to only do one level deep so it doesn't explode?
The explosion happens somewhere in the 48th layer of content validation, not in the MD5 parsing per se. If the migration thing relies on DickSauce already having validated the content and just parses it (say, five levels deep or something), we should be fine.Does the permanently fuck up "Download My Posts" for anyone who posted a server-crashing post? (Or anyone who replied to it)? Or does DiscoDownload differentbake those files?
Even DickSauce isn't stupid enough to re-server-bake (not cook?) content it already has in a server-"cooked" form. Right? RIGHT? So if it exported the cooked (we already know it doesn't, because ) you'd just get a nicely compressed ZIP file.
-
Why?
Disc...
Besides the obvious DickSauce and DoingItWrongTM answers
Oh.Fuck knows. Another silly JeffCo decision. As has been mentioned, they used to claim they were rendered the same client and server side, which makes the whole thing a tiny bit sillier.
-
I get that they want to display something in the thread to give the illusion that the posting was successful although the server is still "cooking" it, but that content is on the client already. Why send it to the server as well?
Well, if they didn't do this, then you wouldn't be able to see your post appear to succeed for several seconds before the server can
504 OK 400 Not OK 4Q Error body is too invalidly similar
, and you have to repost the whole fucking thing anyway. It'd also mean that your post formatting wouldn't glitch out wildly after looking AOK in the preview. Having said all that, maybe those aren't desirable features?
-
They're not desirable, as they're all clearly . And our wanting them proves we're rather than sane programmers.
-
WTDWTF is TRWTF.
-
Apparently, at least in 's world. In this world we ain't TRWTF.
-
No, .tar.gz.
-
Who.gz?
-
Well, if they didn't do this, then you wouldn't be able to see your post appear to succeed for several seconds before the server can
504 OK 400 Not OK 4Q Error body is too invalidly similar
, and you have to repost the whole fucking thing anyway. It'd also mean that your post formatting wouldn't glitch out wildly after looking AOK in the preview. Having said all that, maybe those aren't desirable features?
They do all that shit client-side anyway. Still makes no sense.
-
They do all that shit client-side anyway. Still makes no sense.
Precisely, they do all that shit, and it results in a worse UX than simply popping up a spinner and waiting for the server.
-
Precisely, they do all that shit, and it results in a worse UX than simply popping up a spinner and waiting for the server.
No, like I said, I get that. It's a not-so-bad idea (although implemented the DickSauce way, of course).
I don't get why they do all that shit client-side AND server-side AND still sent the client-side results to the server.
-
I don't get why they do all that shit client-side AND server-side AND still sent the client-side results to the server.
It's sort of like asking why someone is dousing their head in gasoline AND industrial alcohol when you only need one of those to set your head on fire, and also why are they trying to set their head on fire?
-
-
So If I hide something in an HTML comment somewhere, like a backtick quoted Belgium, then I can just 6c1674d14bf5f95742f572cddb0641a7 the 6c1674d14bf5f95742f572cddb0641a7 to 6c1674d14bf5f95742f572cddb0641a76c1674d14bf5f95742f572cddb0641a7 via 6c1674d14bf5f95742f572cddb0641a7 instead of just boring old Belgium-ing things?
Awesome.
-
There was some weird Disconumbering in another topic so I had a thought.
- This should be the number four.
a87ff679a2f3e71d9181a67b7542122c. This is the number four.
-
@Placeholder did it first here.
-
I mean...
63. Thing
6. a
-
- what?
- is
- this?
-
:whynotboth.pcx:
- sdfsdf
-
77591c818277b737d20cb61772942781
EDIT: Was worth a shot.
-
-
-
-
-
@Lorne_Kates said:
X. Romans
VI. Rule
But what did they ever do for us?They brought lead pipes to Flint.
-
@Lorne_Kates said:
http://i.imgur.com/vU3TRaB.png
wat
http://i.imgur.com/J3dSJB7.png
#wat
it's discourse. i don't even try to think about it anymore.
-
-
Has any discomd5 been posted to ban.d yet?
-
No, I'm banned but I would totally laugh if @anotherusername posted his MegaTextΒ© there. Harmless, but still fuck those guys.
-
Has any discomd5 been posted to ban.d yet?
Nope. I refuse to file useful bug reports. I'm not their fucking QA department.
Last time I tweeted something even remotely close to a bug report, I got Riking attacking me for acting in "bad faith". So fuck them.
I will gladly tweet that there ARE massive vulnerabilities:
No, I'm banned but I would totally laugh if @anotherusername posted his MegaTextΒ© there. Harmless, but still fuck those guys.
On one hand, I would love that to happen. Given that the DiscoDevs don't know how to do data manipulation on a data-base level, it would probably permanently destroy the site.
On the other hand, that's far too close to a useful bug report. I'd rather someone "accidentally" take down Cisco's forums instead. (Or whoever the fuck their "paying" clients are).
-
@Lorne_Kates said:
Or whoever the fuck their "paying" clients are
I'd really like to see LetsEncrypt switch off of Discourse. It's kind of sad that it's used for something that's supposed to be security-focused.
-
Surely it would be better to post it to every other discourse instance?
-
@Lorne_Kates said:
I'm not their fucking QA department.
That's because they don't have a fucking QA department.
-
a fucking QA department.
.... well there's a job i could get behind!
though.... how does one properly quantify a right proper boning for quality assurance purposes?
-
I think research is required
-
-
.... well there's a job i could get behind!
... do you seriously want to be involved in sex gone wrong? Like so wrong it breaks things?
-
Fucking hell! You can chain them! (view raw).
f0baf9d826ac4a4db7a16181c2e12790
30959683acc44085fd351bf35496678c
324f01846a7e7d1fe5d344c9932418b2
23e2523d6a99207c33989ce2d7df1954
-
bffb74fe6f59bb2aa1fa00f38bb76d9
-
So you can. Huh.
-
can you tone that down a bit?.... Chrome does NOT like.
-
Better?
-
can you tone that down a bit?.... Chrome does NOT like.
Maybe your Chrome is just "special". Mine handled it fine, although I used End instead of trying to scroll.
-
-
So for the benefit of those of us who missed the original post, what was up with it?
-
a
repeated many many many many many many many times through MD5 fuckery.
;-)
-
ο½ οοο