Spoilers

Comments

  • vrijvlinder Papillon-Sauvage MVP
    edited October 2014

    That, as I said before, depends on the forum, your neighborhood and what car you drive.

    This neighborhood is made up of people who volunteer to help others less capable in running sophisticated software, and those people rarely try anything remotely like what you have to show how crafty someone can be with html and some css deviancy.

    But it is nothing that a moderator can't take care of when it happens. People flag that post and it gets removed. They are not inserting js or php ...

  • peregrine MVP
    edited October 2014

    @JasonBarnabe said:

    Just like most people would not steal my car if I left the keys in it...

    take your car to a big city and put a countdown timer on it. Compare how long it takes before someone takes your car with just the keys in it vs. the keys in it and engine running. Although I think most people can start a car, I think having the engine on, will enhance your success rate and shorten latency period.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • vrijvlinder Papillon-Sauvage MVP

    Maybe there needs to be a deviant badge, because you successfully squelched creativity by the use of errant html and css...

  • vrijvlinder Papillon-Sauvage MVP
    edited October 2014

    @peregrine said:

    Now the basement door is welded shut! And no one can get out. Use the chimney if you want to play around.
    Monetary Donations will be appreciated

    Roger, ten four on that ;)>:)

    p, you are brilliant!!!! let's not spoil it for Barnabe and keep it as our little secret ... considering this thread is about spoilers

  • R_J Ex-Fanboy Munich Admin

    No different font sizes any more :(
    Isn't there a way to only allow a defined set of styles? I agree that every position related style is super bad, but any font related styling is fun ;)

  • JasonBarnabe Cynical Salamander ✭✭

    font sizes with html heading and small
    I suggested they use a whitelist of CSS stuff, but there's no CSS "cleaner" in the codebase right now and they're concerned about the additional resource load this would cause. There's some discussion in https://github.com/vanilla/vanilla/issues/2199 and https://github.com/vanilla/vanilla/pull/2204
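The kind of allowlist suggested above, as an added illustration that is not Vanilla's code (Vanilla is PHP; this is a language-neutral Python sketch): keep only the font-related declarations of an inline style attribute and drop everything else, including position and layout properties. The property set and the value patterns are constructed assumptions, not anything from the Vanilla codebase.

```python
import re

# Font-related declarations the thread treats as harmless. Anything not
# listed here (position, top, z-index, display, background, ...) is dropped.
ALLOWED_PROPERTIES = {
    "font-size", "font-weight", "font-style", "font-family",
    "color", "text-decoration",
}

# Conservative value patterns (constructed for this example). They admit
# only plain keywords, lengths and colours, so url(), expression(),
# backslash escapes and !important can never pass through.
VALUE_PATTERNS = {
    "font-size": re.compile(
        r"^(?:xx-small|x-small|small|medium|large|x-large|xx-large|"
        r"smaller|larger|\d{1,3}(?:\.\d+)?(?:px|pt|em|rem|%))$"),
    "font-weight": re.compile(r"^(?:normal|bold|bolder|lighter|[1-9]00)$"),
    "font-style": re.compile(r"^(?:normal|italic|oblique)$"),
    "font-family": re.compile(r"^[A-Za-z0-9 ,'\"-]{1,80}$"),
    "color": re.compile(r"^(?:#[0-9a-fA-F]{3}|#[0-9a-fA-F]{6}|[a-zA-Z]{1,20})$"),
    "text-decoration": re.compile(r"^(?:none|underline|line-through|overline)$"),
}


def sanitize_style(style):
    """Return the allowlisted declarations of an inline style string.

    Unknown properties and values that fail their pattern are silently
    removed; the caller writes the result back into the style attribute.
    """
    kept = []
    for declaration in style.split(";"):
        if ":" not in declaration:
            continue
        prop, value = declaration.split(":", 1)
        prop = prop.strip().lower()
        value = value.strip()
        if prop not in ALLOWED_PROPERTIES:
            continue
        if not VALUE_PATTERNS[prop].match(value):
            continue
        kept.append(f"{prop}: {value}")
    return "; ".join(kept)
```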

  • R_J Ex-Fanboy Munich Admin

    Thanks for the hint to that discussion, but I get an email for each comment on the vanilla repository - I would unbookmark that issue if I could ;)

  • vrijvlinder Papillon-Sauvage MVP

    Yes RJ, the fun is over, no more html or css to make a nice post. No more because css is a security risk. People can abuse css and next thing you know the forum is plastered in banners pointing to a wrong vanilla version and possibly people can take over the forum via css.

    Style can kill R_J ... Say no to CSS by saying goodbye to style....

  •

    Nothing stopping you from setting

    $Configuration['Garden']['Html']['SafeStyles'] = false;
    
  • Linc Detroit Admin

    @vrijvlinder said:
    We mean here ...

    I dunno who you think you're petitioning, but the CSS jankery that happened on this site drove me nuts. There's a difference between allowing something and liking it. I'm not mourning your ability to screw with everyone else, and it's bloody ironic watching you complain about it being disabled after the messages of you going apoplectic when someone else did it in a way you didn't like.

    I suggest dropping it now.

  • vrijvlinder Papillon-Sauvage MVP

    I don't ever recall doing it to blank out content Linc. He acted as if it was something new he had discovered. It was available since I joined. peregrine figured it out and then I did, but we never used it to block content or do anything malicious. That speaks for itself.
    We never told anyone how to do it either.

    I don't think it is ironic at all. It is sad.

    For various reasons but mainly, one because people can be assholes and wreck a forum with css or anything if given the chance and these things to over protect end up having to be done.

    I have nothing more to add ... not to worry

  • R_J Ex-Fanboy Munich Admin

    @vrijvlinder: if you make a "Farewell CSS" party, I would just come for getting some cookies. I do prefer BBCode over Markdown, which even needs HTML to be a complete markup language. So English is not the only foreign language for me here.

    And I'm the kind of guy who likes to abuse the possibilities to the max, so I'm absolutely okay with sacrificing unneeded freedom.

  • x00 MVP
    edited October 2014

    Personally I'm glad this has been taken seriously.

    The fire-fighting that may have worked earlier isn't really viable and this site is setting an example.

    grep is your friend.

  • vrijvlinder Papillon-Sauvage MVP

    Here you go @R_J

  • R_J Ex-Fanboy Munich Admin

    So where are my cookies? ;)

  • whu606 I'm not a SuperHero; I just like wearing tights... MVP

    I think someone got there ahead of you:
