Conversation
Notices
-
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 12:22:35 JST 
clacke
@alfred I get popups from libranet that say "Tek". A lot. -
Embed this notice
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 14-May-2023 12:32:31 JST 
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
@clacke That \<script>\</script> tag in his display name should be deactivated by Friendica. If it isn't, take some screenshots and report the bug. Maybe include a link to his profile, too. -
Embed this notice
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Sunday, 14-May-2023 12:34:57 JST
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
Missed the "You should" in there. It sounds like I'm giving you a command. @clacke -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 15:58:24 JST
clacke
@lnxw48a1 Oh! Thanks. That's an injection that really shouldn't be allowed past the filters. Maybe that's the point being made. -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 16:06:31 JST
clacke
@tek The issue has been brought to attention. It would improve the Fedi experience of me and many others if we didn't have to see this on every page load. Thank you. -
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Sunday, 14-May-2023 16:29:08 JST 
Tek say resist
@clacke Oh, wow! I didn’t think any software would be *that* seriously broken. I’ll see about changing my profile tomorrow, but that means libranet has a major, major security flaw. I could tell it to load whatever JS code I wanted into your browser by setting my name appropriately.
-
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 16:29:08 JST
clacke
@tek Yes, yes you could. And you're forgiven for thinking it wouldn't cause any harm. It shouldn't have.
Unfollowing stopped it from happening on every page load, but now as you joined this thread it's still happening here specifically. 😃
-
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 16:32:02 JST
clacke
@tek Oh. Now you're in my notifications, so I get the popup on every page again. I need to get 50 other notifications for you to get scrolled out. 🤣 -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 14-May-2023 18:44:23 JST
alfred
@clacke Ping @hypolite @heluecht
Can you please have a look at this? I don't have the time to open an issue right now. I can provide information later today, if needed. Thank you!clacke likes this. -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 18:44:31 JST
clacke
@nupplaphil Go to this very conversation, or follow @tek . -
Embed this notice
Philipp Holzer (nupplaphil@friendica.philipp.info)'s status on Sunday, 14-May-2023 18:44:32 JST
Philipp Holzer
@alfred @clacke when do you get these popups? Can you paste the URL please. Thanks :) -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 18:57:26 JST
clacke
Pulling this comment into @nupplaphil 's server. -
Embed this notice
Philipp Holzer (nupplaphil@friendica.philipp.info)'s status on Sunday, 14-May-2023 19:02:32 JST
Philipp Holzer
@alfred @clacke @tek can you mention me anywhere and directly post anything in my timeline too? thanks :) clacke likes this. -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 19:02:33 JST
clacke
@nupplaphil libranet.de/friendica
This is Friendica, version 2023.04-1 that is running at the web location libranet.de. The database version is 1518/1518, the post update version is 1507/1507. -
Embed this notice
Philipp Holzer (nupplaphil@friendica.philipp.info)'s status on Sunday, 14-May-2023 19:02:34 JST
Philipp Holzer
@clacke hm, @alfred which Friendica version do you use? I see @tek posts with his "nickname" but no popup at all (the web-console doesn't show any errors too). I'm using the latest develop version of Friendica. -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 23:49:52 JST
clacke
@alfred I'm seeing the popup. I'll clear some cookies and cache and stuff, see if that helps. -
Embed this notice
alfred (alfred@libranet.de)'s status on Sunday, 14-May-2023 23:49:54 JST
alfred
@clacke A fix has been merged. I switched to develop. So the fixed code is running now on libranet.de. Can you please test again? -
Embed this notice
clacke (clacke@libranet.de)'s status on Sunday, 14-May-2023 23:52:06 JST
clacke
@alfred Destroyed site data, logged in again, still seeing it. -
Embed this notice
clacke (clacke@libranet.de)'s status on Monday, 15-May-2023 00:37:26 JST
clacke
@alfred It's coming from the notifications dropdown. The popup happens when that is populated. -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 02:11:14 JST
alfred
@clacke Now I get it too because of the notification for tek's latest comment. 😮 clacke likes this. -
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Monday, 15-May-2023 02:11:16 JST
Tek say resist
@nupplaphil @alfred Hi!
clacke likes this. -
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Monday, 15-May-2023 02:11:20 JST
Tek say resist
@alfred @nupplaphil @clacke Side note: I reported the issue to Friendica.
clacke likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 02:11:21 JST
alfred
@tek @nupplaphil @clacke Should I stay on stable to debug this or should I switch to develop? -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 02:11:24 JST
alfred
@hypolite @clacke Ok. I enabled 'detailed notifications' now. Popup is back... clacke likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 02:11:25 JST
alfred
@hypolite @clacke The problem is that after you commented here the notification for tek's comment is no longer in the drop-down menu. ☺️ Means, now I don't get the popup anymore. -
Embed this notice
hypolite (hypolite@friendica.mrpetovan.com)'s status on Monday, 15-May-2023 02:11:27 JST
hypolite
@alfred @clacke I wasn’t able to reproduce the issue in the notification dropdown, I just fixed it in the notifications page. Can you please send me the HTML snippet of the dropdown so that I can submit a blind fix? -
Embed this notice
hypolite (hypolite@friendica.mrpetovan.com)'s status on Monday, 15-May-2023 08:21:49 JST
hypolite
@alfred @clacke Please send flowers to @jakob , he deserves them. clacke likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 08:21:50 JST
alfred
@hypolite @clacke Btw. taking a screenshot and simply paste the content here is a killer feature. So convenient. 😀 -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 08:21:51 JST
alfred
@hypolite @clacke Ok. I manged to find something in web developer tools. Is this sufficient? clacke likes this. -
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 08:21:52 JST
alfred
@hypolite @clacke Sorry. No idea how to get the HTML of the notification menu. It doesn't seem to be a part of the page's source code. I opened the page source in Firefox. But I cannot find anything that looks like the content of the notifications. -
Embed this notice
hypolite (hypolite@friendica.mrpetovan.com)'s status on Monday, 15-May-2023 08:21:53 JST
hypolite
@alfred @clacke Still need the HTML snippet for either display before your node updates the display name that was just changed. -
Embed this notice
clacke (clacke@libranet.de)'s status on Monday, 15-May-2023 08:29:55 JST
clacke
Wow, thank you everyone for this quick response, it's been impressive, and thank you @tek for doing unusual things with your display name to uncover this. =)
-
Embed this notice
alfred (alfred@libranet.de)'s status on Monday, 15-May-2023 08:29:57 JST
alfred
@nupplaphil @clacke Yep. 😀 clacke likes this. -
Embed this notice
Philipp Holzer (nupplaphil@friendica.philipp.info)'s status on Monday, 15-May-2023 08:29:59 JST
Philipp Holzer
@clacke @alfred - merged, at least on my local node, the popups are gone clacke likes this. -
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Friday, 19-May-2023 05:26:24 JST
Tek say resist
@hypolite @alfred Do me a favor? I would like to announce this, but not until people have had a chance to upgrade. Would you let me know if/when a notice has gone out?
clacke likes this. -
Embed this notice
hypolite (hypolite@friendica.mrpetovan.com)'s status on Friday, 19-May-2023 05:26:24 JST
hypolite
@tek @alfred I would like to do an anticipated release, alongside another fix that has yet to be merged, and we will do the regular announcement then, giving you the credit for the find. clacke likes this. -
Embed this notice
hypolite (hypolite@friendica.mrpetovan.com)'s status on Friday, 19-May-2023 05:26:26 JST
hypolite
@tek The changes are already merged upstream, we haven't released them yet, but they are available on the develop, which @alfred has pulled on libranet.de. -
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Friday, 19-May-2023 05:26:27 JST
Tek say resist
@clacke @alfred @lnxw48a1@nu.federati.net @jakob @nupplaphil @hypolite @heluecht Well done, gang! Anyone have friends on the Friendica project who can merge the changes upstream?
-
Embed this notice
Tek say resist (tek@freeradical.zone)'s status on Friday, 19-May-2023 05:26:28 JST
Tek say resist
@hypolite @alfred I appreciate it, thanks. Best wishes with the release!
clacke likes this.
-
Embed this notice
All GNU social JP content and data are available under the