TPU Site issues 2016/17

[qubit]

Lots of images won't show, especially NASA ones. Is it because of hotlinking or whatever because they show up in reply/preview/quote mode

No, it's clearly due to a conspiracy by the illuminati.

 

[Drone]

No, it's clearly due to a conspiracy by the illuminati.

Aliens! They're everywhere!

 

[W1zzard]

Lots of images won't show, especially NASA ones. Is it because of hotlinking or whatever because they show up in reply/preview/quote mode

Works for me. Can you check if the images load eventually? I have a new DOS protection that will slow down your requests (up to 10 seconds) if you exceed a certain number in a short timeframe.

 

[Drone]

Works for me. Can you check if the images load eventually? I have a new DOS protection that will slow down your requests (up to 10 seconds) if you exceed a certain number in a short timeframe.

Didn't work. Exceed what number exactly?

 

[W1zzard]

Didn't work. Exceed what number exactly?

Link me to the thread please

 

[Drone]

Link me to the thread please

Here or here

 

[P4-630]

Here or here

Yup, I also see some broken images on these pages.

 

[W1zzard]

Here or here

Found some filesystem corruption in our image cache, cleaned it up, let's hope the broken files go away now. Please check again in an hour or so

 

[Drone]

Found some filesystem corruption in our image cache, cleaned it up, let's hope the broken files go away now. Please check again in an hour or so

I've waited more than an hour but images won't show. Does it mean that cache error persists?

 

[qubit]

Broken images for me too.

 

[W1zzard]

I've waited more than an hour but images won't show. Does it mean that cache error persists?

So I looked more into this and it seems that the broken images send a HTTP 301 redirect to a different URL.

In the past this worked, but apparently there was some security issue related to it, which was fixed recently, see this thread: https://xenforo.com/community/threa...e-image-proxy-to-follow-301-redirects.120346/

Not sure yet how to address this

Edit: From what I understand the issue is following, you put a link to your own webserver, then you make that send a 301 request that leads to one of our secret internal URLs, which shouldn't be accessible from the outside. But since the image proxy in XF will follow the URL, it will fetch our secret content or execute evil things.

 

[Drone]

I see, thanks for explanation. Sounds complicated

 

[W1zzard]

I see, thanks for explanation. Sounds complicated

You can fix it manually by pasting the image url in your browser, loading the image and then pasting the new url, which is usually just a change from http to https

 

[qubit]

So I looked more into this and it seems that the broken images send a HTTP 301 redirect to a different URL.

In the past this worked, but apparently there was some security issue related to it, which was fixed recently, see this thread: https://xenforo.com/community/threa...e-image-proxy-to-follow-301-redirects.120346/

Not sure yet how to address this

Edit: From what I understand the issue is following, you put a link to your own webserver, then you make that send a 301 request that leads to one of our secret internal URLs, which shouldn't be accessible from the outside. But since the image proxy in XF will follow the URL, it will fetch our secret content or execute evil things.

That loss of functionality sucks a bit, but I think it's overall better to be safe than sorry. I'd rather lose some pictures than potentially get a driveby malware download. Not worth hacking around it in my opinion.

 

[CAPSLOCKSTUCK]

What a shame.....some of my threads have many many pics missing.

 

[Drone]

You can fix it manually by pasting the image url in your browser, loading the image and then pasting the new url, which is usually just a change from http to https

The thing is posts can't be edited after a certain amount of time and there's no global search and replace function so I'll just move on lol

 

[W1zzard]

Oh you are right, i'll think of something

 

[jsfitz54]

This is our affiliate link for newegg. The forum adds those in transparently, so TPU makes a little bit of money when you buy something through the links (about 1%)

Would it be possible to add a section dedicated to Affiliate Links for those that may want to purchase from Newegg or others? Added to this page: https://www.techpowerup.com/forums/

Is it geared to single specific items or all purchases? How can I use it so you can get credit?

Example: Interested in this, http://www.newegg.com/Product/Product.aspx?Item=N82E16814137046

 

[qubit]

Oh you are right, i'll think of something

How about removing the editing time restriction? It's a real pain for me when I see something on one of my older posts that needs fixing or adding to. I know you put it in because there were a few disaffected members who started vandelizing their posts, but it seems unfair to me to punish the whole community because of a few doing this infrequently.

Ultimately, it can be picked up by say, noting the frequency of edits much like the frequency of new posts (no faster than one every 30 seconds) and flagging it to the mods and admins to deal with and reverse.

 

[CAPSLOCKSTUCK]

My favourite thread i ever started looks like this,

I,m not sure im up to the task.......

 

[W1zzard]

Would it be possible to add a section dedicated to Affiliate Links for those that may want to purchase from Newegg or others? Added to this page: https://www.techpowerup.com/forums/

Is it geared to single specific items or all purchases? How can I use it so you can get credit?

Example: Interested in this, http://www.newegg.com/Product/Product.aspx?Item=N82E16814137046

Just click any link to Amazon or newegg here on the forums and make your purchases within a day or so

 

[Aquinus]

Oh you are right, i'll think of something

I can understand this being a problem with respect to exposing secure internal network resources but, not so much with regards to remote code execution on your servers. I think there is a bigger concern that image proxy might not actually be getting just images. Maybe this could be a case where certain criteria could be allowed? For example, if the 302 response shares the first two domain segments (tld + first level,) or same IP, to allow it? I know this won't solve all of the broken images but, I would imagine that some of the locations of redirects might be safe to use based on where it is in relation to where the redirect came from. That would protect against any cross-domain redirects. Just an idea.

 

[W1zzard]

I can understand this being a problem with respect to exposing secure internal network resources but, not so much with regards to remote code execution on your servers. I think there is a bigger concern that image proxy might not actually be getting just images. Maybe this could be a case where certain criteria could be allowed? For example, if the 302 response shares the first two domain segments (tld + first level,) or same IP, to allow it? I know this won't solve all of the broken images but, I would imagine that some of the locations of redirects might be safe to use based on where it is in relation to where the redirect came from. That would protect against any cross-domain redirects. Just an idea.

I looked into exactly that, same ip = allow, but it's not an easy mod to the xf source code

 

[Aquinus]

@W1zzard, I poked you on this thread but, it appears that XF is still butchering FTP links by removing the ":" between the "ftp" and "//".
https://www.techpowerup.com/forums/...u-documentation-released.228190/#post-3561114

 

[AlienIsGOD]

so @W1zzard can you or are you able to fix the problem with being unable to edit OP in clubhouse or other threads? i heard you locked it down due to someone leaving and going apesh!t with editing posts