Feed Back to Vanilla Team - broken blog links and security flaw.
all of the links to the blog in https://vanillaforums.com/resources/faqs appear to be broken and just go to the main blog page.
e.g. http://vanillaforums.com/blog/help/how-to-add-facebook-twitter-google-and-openid-to-your-community/
goes to http://vanillaforums.com/blog
http://vanillaforums.com/blog/help/implementing-jsconnect-single-signon-on/
goes to http://vanillaforums.com/blog
all of the subject go to the main page.
Is that your intention or are you aware?
regarding security flaw...
this plugin has been marked as a security vulnerabilty?
wouldn't it be wise to remove a plugin from the downloads area - add-ons if it allows XSS attacks? considering it is advisable to upgrade php and vanilla when security flaws are found. why upgrade vanilla if you can introduce a security issue with a plugin that has been identified to contain one and hasn't been updated.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
Comments
Yes, and it has.
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
Yes I noticed, I sent Todd a message and the plugin with the xss vulnerability was removed in the past 48 hours. perfect. Better late then never.
No response as yet related to above blog links going to home page instead of specific subject matter, whether it will be adjusted in the future, but at least it has been reported.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
You would do better to direct stuff like that to me rather than Todd. Also, there is an issue tracker for the community: https://github.com/vanilla/community/issues
Sorry I missed this issue earlier. Links in the FAQ have been fixed.
mission accomplished.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
more feedback if of interest.
users are spamming your archived discussions.
for example https://vanillaforums.org/discussion/comment/231513/#Comment_231513
since these categories do not appear in recent discussions or in the categories page.
you open yourself up to spamming of the vanilla forum, if you archive discussions and don't close them as well.
since only a person looking at the archived discussion will see the spam, and it will not pop up on the recent discussions to be flagged. not sure if flagging an archived discussion actually works either.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
looks like a bit more spamming in archived categories - that are not closed to posting. vanilla 2.1 and before category.
the comment https://vanillaforums.org/discussion/comment/242142/#Comment_242142
in this discussion
https://vanillaforums.org/discussion/27081/anonymous-posting-no-registration-required
not sure if flagging from archived category works. can it be confirmed if flagging in archived categories works as it should.
Pragmatism is all I have to offer. Avoiding the sidelines and providing centerline pro-tips.
I didn't see anything in the moderation queue, which is the expected result of flagging something. Di you use the report action under flag?
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.