abucci
anthony.buc.ciNo description provided.
This year is a perfect square: 2025 = 45Ā². Most of us reading this at time of posting wonāt be alive next time that happens since 46Ā² = 2116, 91 years from now. This has been bouncing around the internet but for some reason I felt compelled to record it here!
↳
In-reply-to
»
@bender On twtxt, I follow all feeds that I can find (there are some exceptions, of course). Thereās so little going on in general, it hardly matters. š
ā¤ Read More
@quark@ferengi.one wow everybody loves @prologic@twtxt.net
Had to disable support functions because Iāve received three spammy support emails today. Thanks for that feature @prologic@twtxt.net
↳
In-reply-to
»
There is a bug in
ā¤ Read More
yarnd that's been around for awhile and is still present in the current version I'm running that lets a person hit a constructed URL like
A stopgap setting that would let me stop all calls to /external matching a particular pattern (like this damn lovetocode999 nick) would do the job. Given the potential for abuse of that endpoint, having more moderation control over what it can do is probably a good idea.
↳
In-reply-to
»
@mckinley He's signed up three times now even though I keep deleting the account, which is enough for me to permaban this person. I don't technically want open registrations on my pod but up till now I've been too lazy to figure out how to turn them off and actually do that, and there hasn't been a pressing need. I may have to now.
ā¤ Read More
@lyse@lyse.isobeef.org Interesting. The yarnd --help currently says (for me):
-R, --open-registrations whether or not to have open user registgration
meaning it doesnāt give the default setting or warn you that you need to use -R=false and not -R false. It also leaves unclear whether --open-registrations false would work or if you need to do --open-registrations=false. Itās also unclear whether the setting change in the user interface is overridden by the command line arguments, overrides the command line arguments, is persisted across restarts.
Maybe all this is worth posting an issue for additional documentation on the git repo if there isnāt one already.
āregistgrationā is misspelled that way in the help by the way.
There is a bug in yarnd thatās been around for awhile and is still present in the current version Iām running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing āYOUR_PODā with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if itās not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
↳
In-reply-to
»
š Hello @nigergibe, welcome to Buccipod, a Yarn.social Pod! To get started you may want to check out the pod's Discover feed to find users to follow and interact with. To follow new users, use the
ā¤ Read More
āØ Follow button on their profile page or use the Follow form and enter a Twtxt URL. You may also find other feeds of interest via Feeds. Welcome! š¤
@mckinley@twtxt.net Heās signed up three times now even though I keep deleting the account, which is enough for me to permaban this person. I donāt technically want open registrations on my pod but up till now Iāve been too lazy to figure out how to turn them off and actually do that, and there hasnāt been a pressing need. I may have to now.
↳
In-reply-to
»
@abucci / @abucci Any interesting errors pop up in the server logs since the the flaw got fixed (unbounded
ā¤ Read More
receieveFile())? š¤
@stigatle@yarn.stigatle.no @prologic@twtxt.net my /tmp is also fine now! Thanks for your help @prologic@twtxt.net!