1. Dismiss Notice
  2. Can't Log-in?. If your password is no longer accepted but the email address registered in your profile is working, use the "Forgot Your Password?" routine. However, if your registered email address is unusable, create a new temporary phun account and contact S-type.
    Dismiss Notice
  3. Attention!! Links to filehost Rapidgator are not allowed for the purpose of downloading files in any forum on Phun. If you have questions contact a moderator.
    Dismiss Notice
  4. ATTN: Imagehost picpie is infected with the "internet security warning" redirect that tries to take users hostage with an inescapable redirect. Avoid using picpie as an imagehost.
    Dismiss Notice
  5. Too many Alerts? Why not adjust your "Alert Preferences" in your Profile Page?
    Dismiss Notice

Phun Tech Issues

Discussion in 'About phun.org' started by Green Bastard, Sep 17, 2013.

  1. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,935
    Likes Received:
    4,706
    I'm copying this issue here for future reference:

    In short, the video tag (bbcode) that let's you paste in a url from YouTube and other sites, doesn't account for the fact that the share link YouTube gives uses the https protocol. The video tag supports the short youtu.be form just not with http(s) which is now the default. As a result, your video will just get parsed as mangled link instead of the embedded video.

    The fix for now is either to just use the full youtube.com url that is given in your url bar (as opposed to their "share" button), or if you do use the shortened youtu.be version, to remove the "s" from "https".

    The fix on our end should (after only a peak at the code) literally only be the addition of two characters in a file. But, it involves changing a core vBulletin file which would be overwritten by an update. It's generally a bad practice to "hack core" like that so I'd first like to see if it's fixed in a future or version or in vB's bug tracker.

    I might not have time to do that right away or might not end up wanting to make a change to core vBulletin files for such a small bug. For now, just know it's there.
     
    1 person likes this.
  2. MCA

    MCA Drinkin' Ale and Chasin' Tail ★ ★ ★ ☆ ☆ Ten Years of Phun

    Joined:
    Nov 4, 2007
    Messages:
    6,283
    Likes Received:
    35,831
    thanks. I am just censored that simply removing the S will lead the forum open to hacks.

    My other concern is that by 'altering' the formula will affect all the already posted videos.
     
  3. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,935
    Likes Received:
    4,706
    It shouldn't open anything to attacks by you removing the "s" or by changing the vB code that parses the video tag. What happens when vBulletin sees a video tag is this:

    It looks at what's between the tags and it starts looking for sites it knows using matching patterns. So if it sees any of these:

    Code:
    [COLOR="#00aa00"][B]https://www.youtube.com[/B][/COLOR]/watch?v=pX8BXH3SJn0
    [COLOR="#00aa00"][B]http://www.youtube.com[/B][/COLOR]/watch?v=pX8BXH3SJn0
    [COLOR="#00aa00"][B]http://www.youtu.be[/B][/COLOR]/pX8BXH3SJn0
    It says hey I know that pattern and I have a formula to make some html from that. So it takes that number part at the end and makes this:

    Code:
    <iframe id="yui-gen9" class="restrain" title="YouTube video player" src="//www.youtube.com/embed/pX8BXH3SJn0?wmode=opaque" frameborder="0" height="390" width="640"></iframe>
    If it saw a Daily Motion url, it would recognize that and use their embed code instead. But, because the matching pattern for "youtu.be" doesn't account for the "s", it doesn't recognize that as a YouTube url and doesn't have any accompanying embed code to use.

    You'll notice in the iframe above it doesn't specify http or https. This is a protocol relative url and it means that if the page (on Phun) is http, the iframe will use http and if it's https it will use https. Phun just uses http so no matter which version you use in your video tag, the result will be just http. So it doesn't make it any less secure than it already was (which is as secure as plain old http is).

    That's something I would definitely test before implementing. But the only thing it should alter are any https youtu.be that already weren't parsing into correct embed codes. Those would now parse correctly.

    I'm just not a fan of modifying core vB files so I'd rather see if there's another way around it first.
     
    1 person likes this.
  4. shacknet

    shacknet

    Joined:
    Jan 31, 2008
    Messages:
    51
    Likes Received:
    206
    I have the following issue which tends to drive me to AdBlock. I don't want this so, here my description:

    I visit the site in Incognito Mode in Chrome.
    When I click a link , it loads (opens Popup Ad, but content loads). But on the following page, strange things happen. When trying to click any link, a quick popup opens and closes immediantly. After that, no link is clickable or hoverable. Right Mouse Button says something about flash. I have to reload the page completely and navigate using "open in new tab" for every link - avoiding left click, coz it would cause the scenario described above.

    I don't have these issues with AdBlock. But I don't want to harm the site by using it. I have this problem for at least 2 month now.
     
  5. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,935
    Likes Received:
    4,706
    Are you just talking about Phun—while actually on a Phun page and not an image host?

    If so what cookie settings are you using in Chrome? (go to chrome://settings/content and look for the "Cookies" heading)
     
  6. shacknet

    shacknet

    Joined:
    Jan 31, 2008
    Messages:
    51
    Likes Received:
    206
    Yes, i'm talking about phun, not one of the imagehosts. Since I use Incognito Mode in Chrome, local cookies are allowed and are deleted when I close the browser.

    Now that i'm monitoring it more closely, I realize that it's not everytime I visit phun. I suspect some Ad/Tracking, that maybe doesn't get delivered every visit.
     
  7. Green Bastard

    Green Bastard feels good man

    Joined:
    May 12, 2012
    Messages:
    2,935
    Likes Received:
    4,706
    Typically, if everything goes right, you should get a pop up for that Jasmin site the first time you click on anything—even just the background and not just on links. But then you shouldn't get another popup for awhile (about a day or so). However, if cookies can't be set and read then it will occur every time because the script would be seeing every click as that first visit. That I can replicate, but not the Flash part.

    Some other things I'd try are turning Flash off or setting it to click-to-play if you really need it for some video sites. You are safer in general with it off anyway. And, lastly, check what other extensions are running. Did some rogue extension or PuP get installed?

    If all else fails, block it if you prefer.
     
  8. shacknet

    shacknet

    Joined:
    Jan 31, 2008
    Messages:
    51
    Likes Received:
    206
    Thanks for the answer. Currently, the behaviour is normal again.
     
  9. Kleinero

    Kleinero

    Joined:
    Aug 13, 2015
    Messages:
    4
    Likes Received:
    0
    Were having issues with spambots, so we tightened the posting restrictions for new users, which includes image and link posting. After 10 posts or so, things should be all good.
     
  10. GorToma

    GorToma

    Joined:
    Nov 2, 2005
    Messages:
    133
    Likes Received:
    66
    Is ther a chance to delete all threads and answers i made in the last years - means - i liked the site till today - but its shit to make a thread and than get an answer from some people that really suck and that are arent true - so tsite is over for me to write in
     

Share This Page