almost lost wynd.dev since the email i set on namecheap was one i don’t check very often so i missed all the messages telling me to renew it. glad no one stole it since that would be a pr nightmare
i figured out google oauth, that meaning that i can create “login with google“ buttons. radical
i was trying to install debian linux and accidently installed it without the gui so it’s just the terminal
where the HECK is my computer’s storage going????? i don’t even keep files on it i only have apps and downloads
edit: just found out its really easy to download more storage so i’ll do that
i feel like i’m not a good designer but i’m good at improving already existing designs so that’s something
(probably due to my wasteof client count at this point)
who’s attending the fifth annual womcon? i hear jeffalo’s gonna be there with a live wombat
xd
(for the non-technical people: this is comically incorrect)
(for op: yes there is a bug where you can double post when you click the button twice, but that only happens when you connection is slow, or when the site is already slow [as is happening right now due to unrelated issues]. also no, passwords are not stored as a plain document, what are you talking about. yes wasteof legacy does have some issues, but something tells me this list [or entire post] is AI generated because “SQL Injection” is one os the funniest things i’ve ever seen since no version of wasteof uses SQL. i can see that you have some actual bugs, but please don’t make up fake stuff and reference the archived wasteof1 repo.)
sry <3
warning!
From the tests i have done, there are many vulnerabilities on this website, there are also a lot of bugs. Example: when posting something, if you spam click `post` it will create a post for every time you click the button, there should be an implementation to limit the time between posts and to make the button a one time click. (THIS BUG MAKES THE SITE LAG!). its also a pain to delete all of the posts if you accidentally do so as the site refreshes but will still lag and there is a small chance that the post will not be deleted. There is also a password vulnerability… maybe don’t have the user’s passwords get stored as a plain document.
THERE ARE VULNERABILITIES IN THE REPO!; Yes, even tho the repo is the legacy site and isn’t used anymore it is still good to state the vulnerabilities on the repo as people might use the template to make their own site like this and wont know of the vulnerabilities in the code:
List of the vulnerabilities on the repo: SQL Injection, Cross-Site Scripting (XSS), Insecure Direct Object Reference (IDOR), Lack of Input Validation, Insecure, Outdated Dependencies, Lack of Error Handling, Insecure Session Managemen, Storage of Sensitive Data(user and password information: Insecure Password Storage, Weak Password Hashing, Lack of Password Salting, Insecure Password Verification, Missing Password Complexity Requirements, insecure Password Reset Token Generation, insecure Password Storage in Sessions), Lack of Secure Communication… sry <3
listening to a d&d campaign while writing code is peak productivity i’ve discovered
it’s back up, and honestly i only cared because my favourite website perr.in was down
this may be the first time i’ve seen github down, that’s wild. it’s not even just their site, it’s everything github related somehow. a lot of code teams will either be freaking out or happy that they don’t have to do work for the time being