Endless loop when rendering site (sometimes); Webmaster unreachable from outside

Started by fernewelten, Sun 27/06/2021 09:39:19

Previous topic - Next topic

fernewelten

So the following ended up on the AGS github site:

QuoteProbably terrible place to report this, but there are no contact webmaster links on the site, registering on forums requires completing AGS programming quizzes, and I dont have a discord account.

https://www.adventuregamestudio.co.uk website has this gem:

Code: ags
<img src="/images/facebook_logo.svg" onerror="this.src='/images/facebook_logo.png'" height="29" alt="Facebook logo">


When one of >10 million people with uBlockOrigin and "Fanboy’s Annoyance" filter visits one of its rules filters:

Code: ags
/facebook_logo.


this triggers an image load error, so executes 'onerror' and ..... you get the picture, 100% CPU utilization and constantly growing ram usage until tab crashes and is reloaded.

I'm just passing the message; I haven't verified any of verified this.

If unregistered viewers can't reach or easily find the the way to reach the webmaster, then this might pose a worse problem than in the current case. For instance, suppose a hacker has found a way to turn the website into a spam spout or virus infector and those that try to report this speedily are thwarted by questionnaires.

AGA

Fixed.  Having a mailing form is more of a vulnerability than I'm willing to have for minimal gain, and the answers to the quiz are right there if someone were to bother looking (and it takes  minute or something to register a Discord account!).

eri0o

Ah, this gives me an idea, put a link to the discord in the project readme or somewhere on GitHub.

This way if there's any problem that the website is unreachable, there's a link to Discord there - currently only link is on the website - not saying that this was the problem here, but, just in case.

I am never on Discord, so don't know if others are there still, but maybe there's people there.

Edit:

I looked into adding a badge using here: https://shields.io/category/chat

but it needs the discord server ID, if someone could put it here it would be helpful. (instant messaging gives me too much anxiety for me to deal with them...)

SMF spam blocked by CleanTalk