Spoofing bug January 16, 2006 11:57 PM   Subscribe

fandango_matt found a spoofing bug here.
posted by spiderwire to Bugs at 11:57 PM (19 comments total)

this is pretty obvious, so it may have been mentioned before -- if so, apologies, i just wanted to make sure that it was mentioned ASAP.

kind of tricky to filter out with a regexp, but you could have it search on "posted by < *>*to*< *>*at*M*[< *!(>]*" (that's probably not right, i suck at regexps) and strip out any HTML tags or something.
posted by spiderwire at 12:03 AM on January 17, 2006


"found a spoofing bug" is a rather nice way of describing what fandango_matt did.
posted by mediareport at 12:09 AM on January 17, 2006


there's no bug, he's just trying to fake a post. The fonts aren't exactly right and it sticks out to me. There's been talk in the past when people first started doing this, but people can't make a perfect copy of a fake comment, and it's rarely used (and usually used for jokes, like in this case).

I don't consider this a pressing issue really.
posted by mathowie (staff) at 12:20 AM on January 17, 2006


are you looking at the right comment matt? i can't tell the difference at all.
posted by panoptican at 12:25 AM on January 17, 2006


this is the url
posted by puke & cry at 12:26 AM on January 17, 2006


i am reading the thread right, right?
posted by panoptican at 12:27 AM on January 17, 2006


no, panop's link is right. matt, my suggestion for a regexp -> tagstrip will work and should be pretty restrictive.

he screwed up the [!] and the time so it's a pretty obvious spoof, but it could have been done to avoid those things. the key part was the use of the html entity, i think. maybe the tags as well.
posted by spiderwire at 12:29 AM on January 17, 2006


spiderwire: the "posted by" text is always off-color in a spoof. Just judge by that.
posted by Ryvar at 12:34 AM on January 17, 2006


i agree, spiderwire, that's an elegant solution. and it seems that you've fixed the [!] problem as well.
posted by mathøwie © at 2:20 AM CST on January 17 [!]


Oh, why thanks matt. Can I have a pony?
posted by spiderwire at 12:37 AM on January 17, 2006


wow, that worked well
posted by mathowie (staff) at 12:38 AM on January 17, 2006


thanks for your consistency matt. I appreciate it.
posted by puke & cry at 12:38 AM on January 17, 2006


Ryvar: no, it's not. see previous post, even if i did screw up the bottom part of it. the small tag has a class declaration to set the color. i got it wrong but it looks like it's possible.
posted by spiderwire at 12:39 AM on January 17, 2006


Meh, that trick is old skool. As Ryvar pointed out, the "posted by" text is always slightly out, although it usually catches out the unwary. Maybe the colourblind as well.
posted by dg at 12:40 AM on January 17, 2006


spiderwire, the classes are ignored and removed. There is no "hack". The "posted by" line clearly doesn't match.

Chill out, you're kind of taking this a bit too seriously.
posted by mathowie (staff) at 12:42 AM on January 17, 2006


what worked well, non-corporate mathowie?
posted by mathøwie ©® at 2:39 AM CST on January 17 [!]



Yes, I agree with Big Brother mathowie. He wants to know why you're not off oppressing that hung guy on the other thread.
posted by spiderwire at 12:43 AM on January 17, 2006


I suppose matt is right up in this, right? Oh, I guess he's too busy to bother with it. My bad.
posted by puke & cry at 12:43 AM on January 17, 2006


Oh, I see where the stripout happens.

Yeah, not taking it too seriously, just figured this would be a good sandbox, right?
posted by spiderwire at 12:45 AM on January 17, 2006


matt did you do something to fix my mis-formatted comment from earlier? that looks like another bug to itself.
posted by spiderwire at 12:47 AM on January 17, 2006


Yeah, I removed the closing div that broke the layout of the page.

Seriously, this is a non-issue. I'm closing this thread. If you want to continue discussing it, please post in the thread where the "hack" took place.
posted by mathowie (staff) at 12:49 AM on January 17, 2006


« Older User number bug   |   Mailto:s in posts, acceptable or not? Newer »

This thread is closed to new comments.