Issue on the forums - "harmful" avatar or something

VVK · Tue 02/07/2013 19:57:07

When trying to enter some of the threads on these forums, I get a message from F-Secure saying it's blocked a harmful website at http://meleepta.x10.mx/images/monkey_05_06/avatar.php and I shouldn't enter the page, ie. thread, in question. What could this be about? Some poster's avatar?

Crimson Wizard · Tue 02/07/2013 20:27:01

Yes, monkey_05_06 has a php link in his avatar, it gets a random animated Gif from his website.
Not sure how generally harmful his website is, but it makes my Google Chrome freeze for several seconds once in a while.

Ryan Timothy B · Tue 02/07/2013 21:44:24

Perhaps preventing PHP links from being used in your avatar or footer is necessary. Not to bash Monkey's avatar, it's a great idea, but it's a little unfriendly if people are having any issue due to his avatar; whether slower loading or a false threat detection.

AGA · Wed 03/07/2013 07:08:59

Get NoScript, or AdBlock Plus, and block monkey's image host. Simple!

I'm not willing to spend the time hacking the forums to work around one very small issue. SMF is a lot more complicated than you might realise!

Snarky · Wed 03/07/2013 10:02:36

Or we could ask monkey to fix it on his end...

Ryan Timothy B · Wed 03/07/2013 23:20:00

Alright. I just assumed there was a separate script for the profile editing. If php, return form with an error.

I haven't had any issues with his avatar, but obviously many others are.

VVK · Thu 04/07/2013 21:01:49

Quote from: AGA on Wed 03/07/2013 07:08:59
Get NoScript, or AdBlock Plus, and block monkey's image host. Simple!

Seems to work, thanks.

monkey0506 · Fri 05/07/2013 19:30:19

I've gone ahead and for the time being disabled the GIF processing bits. Beyond that if your AV program has an issue with a PHP request URI that serves up a properly MIME typed PNG file, then it's your AV's problem and you should consider using a real one instead.

Regarding the GIF animation issue, it turns out that if Chrome can't cache the entire GIF animation then it loses its freaking mind. The whole purpose behind me recently adding header info to make the avatar non-cacheable was simply to force the image to reload when using a meta-timeout refresh (elsewhere). It was a silly thing to do, but I'll fix it later. No need to enter into Ryan Timothy's ideal police state of total censorship.

Code: php

  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
  header("Cache-Control: no-store, no-cache, must-revalidate"); 
  header("Cache-Control: post-check=0, pre-check=0", false);
  header("Pragma: no-cache");

This is the offending anti-caching code, stolen from the interwebz somewhere. It's probably also the reason why your ignorant AV program thinks the site is unsafe. My avatar script is literally the only thing hosted on my site right now, other than my avatars themselves and a public service message about how I'm never going to create a proper default home page for my "site". If that's not what is causing your worthless AV program to throw the error, then it is in fact rejecting the mismatch between URI and MIME type, which is the most completely ignorant and stupid way I can conceive of trying to internet. Seriously, you should try using a real antivirus software.

Khris · Fri 05/07/2013 20:30:00

What is wrong with you...?

cat · Fri 05/07/2013 20:34:53

Quote from: VVK on Tue 02/07/2013 19:57:07
http://meleepta.x10.mx/images/monkey_05_06/avatar.php

Nice, blocking this link in AdBlock works

selmiak · Fri 05/07/2013 21:15:22

but how do you block monkeys posts?

Ryan Timothy B · Fri 05/07/2013 22:37:06

Quote from: monkey_05_06 on Fri 05/07/2013 19:30:19
No need to enter into Ryan Timothy's ideal police state of total censorship.

I do. I'm not saying we block them from posts, just avatars and signatures. These are the things every bastard has to load each time, why make us have to load your GIF/PNGs each and every time - I'm assuming a PHP referred image doesn't get cached.

And I agree. There seriously is something wrong with you. I miss the old pleasurable Monkey. I used to read a ton of your posts and threads from before I even joined the forums.

You whined you aren't making an impact in the way that you wanted, so now you're trying to make an impact by being an ass.

Ghost · Sat 06/07/2013 15:55:54

Quote from: Ryan Timothy on Fri 05/07/2013 22:37:06
You whined you aren't making an impact in the way that you wanted, so now you're trying to make an impact by being an ass.

Aye. What IS it? Spit it out, get over yourself.

Snarky · Sat 06/07/2013 16:00:33

This is not the "attack monkey" thread. The issue has been addressed (right?), so I'm locking the thread.