We've recently been plagued by a problem, users have been abusing our image embedding and embedding malicious images that cause pop-ups for users that request their username and password, a large number of users had their accounts stolen because of this even after we posted warnings, because of this we had to take emergency action.
For the foreseeable future we'll be using a whitelist, where only images from trusted domains can be embedded, images not from a whitelisted site will be shown as a link instead, for users to click. This has caused some problems, however we're working to make this as easy as possible for users.
If you know of a widely used image host that you believe should be white listed, post them in this thread including an example url so we can add them. For example if you wanted to requets that we approve "imgur.com" you could include the url "i.imgur.com/image.jpg".
We want to try and limit the amount of domains white listed to only those we can trust, so where possible please use one of the pre-approved hosts instead of your own and requesting it to be whitelisted, however if not possible we will add them.
The Meaning of Life, the Universe, and Everything.
Join Date:
5/24/2010
Posts:
52
Minecraft:
WhatThePuckPT
Member Details
Could majhost.com be whitelisted? I use it for my images as it's of simple upload with no popups or stuff like that whatsoever. I can guarantee there were no problems even on other sites.
If I'm not mistaken, URL REMOVED on the support website is a place where we can request whitelisting of sites. Could be wrong though. Also, unless this was edited in the last 5 minutes, deviantart still doesn't work.
I agree with you guys in the decision to add a whitelist however blacklist may have been easier
I agree. I know that there are security concerns about doing this, but I find the whitelist to be too restrictive. I personally thing that a blacklist combined with more mods, a forum 'hide images' setting (enabled by default, with a warning when you disable it) and maybe a restriction of the img/simg tag to users who have been around a while would be just as effective.
How often does this list get checked and updated?
I think only forum admins and maybe forum devs have access to it (i'm pretty sure mods, as of now, don't, but they should), and some sites that have been requested for days still don't work, though nobody's sure if it's because they were rejected or haven't been reviewed yet.
I agree with you guys in the decision to add a whitelist however blacklist may have been easier
I agree. I know that there are security concerns about doing this, but I find the whitelist to be too restrictive. I personally thing that a blacklist combined with more mods, a forum 'hide images' setting (enabled by default, with a warning when you disable it) and maybe a restriction of the img/simg tag to users who have been around a while would be just as effective.
How often does this list get checked and updated?
I think only forum admins and maybe forum devs have access to it (i'm pretty sure mods, as of now, don't, but they should), and some sites that have been requested for days still don't work, though nobody's sure if it's because they were rejected or haven't been reviewed yet.
I've been agreed with! I feel so, so loved
And this list really needs to be checked a lot more than it currently is being checked. Maybe I'm impatient as my first post was not too long ago, but, y'knoww.
I've also requested dragcave.net quite a few times, and i wasn't the only one requesting it, actually
there was me and one other guy, but other people without any other people are getting agreed right away
dragcave doesn't look mighty suspicious, you've probably seen people with dragons in their signature, etc.
I think almost as soon as the whitelist was issued, i was requesting it
i'm sorry if I seem pushy, but seriously: I like having dragons in my signature.
And this list really needs to be checked a lot more than it currently is being checked. Maybe I'm impatient as my first post was not too long ago, but, y'knoww.
I've also requested dragcave.net quite a few times, and i wasn't the only one requesting it, actually
there was me and one other guy, but other people without any other people are getting agreed right away
dragcave doesn't look mighty suspicious, you've probably seen people with dragons in their signature, etc.
I think almost as soon as the whitelist was issued, i was requesting it
i'm sorry if I seem pushy, but seriously: I like having dragons in my signature.
I started the dragon cave thread. we have all been trying to get the site whitelisted since the whitelist was enabled. I'm used to having eggs in my sig too. I don't see why it hasn't been whitelisted yet seeing as it has probably gotten the most attention of any blocked site (and since it is clearly not a threat)
Imageshack is fantastic for pictures that you take and save for later, in fact, I use imageshack almost exclusively for almost all of my threads, however... for users constaly on the fly...
There is a lovely program known as "Gyazo" which takes screenshots on just a single mouse click for you (from a user-defined portion of the screen) and auto-uploads them into the Gyazo database. I would appreciate if the url style could be whitelisted, but understand if you're not willing to add it at the request of a single person.
If I'm not mistaken, URL REMOVED on the support website is a place where we can request whitelisting of sites. Could be wrong though. Also, unless this was edited in the last 5 minutes, deviantart still doesn't work.
yeah, deviantart still doesn't work.
removed the url, that's for something else :tongue.gif:
We've recently been plagued by a problem, users have been abusing our image embedding and embedding malicious images that cause pop-ups for users that request their username and password, a large number of users had their accounts stolen because of this even after we posted warnings, because of this we had to take emergency action.
For the foreseeable future we'll be using a whitelist, where only images from trusted domains can be embedded, images not from a whitelisted site will be shown as a link instead, for users to click. This has caused some problems, however we're working to make this as easy as possible for users.
If you know of a widely used image host that you believe should be white listed, post them in this thread including an example url so we can add them. For example if you wanted to requets that we approve "imgur.com" you could include the url "i.imgur.com/image.jpg".
We want to try and limit the amount of domains white listed to only those we can trust, so where possible please use one of the pre-approved hosts instead of your own and requesting it to be whitelisted, however if not possible we will add them.
We've recently been plagued by a problem, users have been abusing our image embedding and embedding malicious images that cause pop-ups for users that request their username and password, a large number of users had their accounts stolen because of this even after we posted warnings, because of this we had to take emergency action.
For the foreseeable future we'll be using a whitelist, where only images from trusted domains can be embedded, images not from a whitelisted site will be shown as a link instead, for users to click. This has caused some problems, however we're working to make this as easy as possible for users.
If you know of a widely used image host that you believe should be white listed, post them in this thread including an example url so we can add them. For example if you wanted to requets that we approve "imgur.com" you could include the url "i.imgur.com/image.jpg".
We want to try and limit the amount of domains white listed to only those we can trust, so where possible please use one of the pre-approved hosts instead of your own and requesting it to be whitelisted, however if not possible we will add them.
current white listed domains:
http://dragcave.net/
I've seen many people with dragon eggs from dragcave in their signatures.
i've used it on McForums without any problems before; and i've seen several others with eggs in their signatures as well
it's not an image hosting, more like a click-site game, like the "Has ___ internets, click to give an internet"
where your dragons grow on how many views and clicks they get.
http://www.mywot.com/en/scorecard/magistream.com
[SIMG] automatically resizes the image that is inside of it to fit the forum page.
yeah, deviantart still doesn't work.
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
however blacklist may have been easier
How often does this list get checked and updated?
I think only forum admins and maybe forum devs have access to it (i'm pretty sure mods, as of now, don't, but they should), and some sites that have been requested for days still don't work, though nobody's sure if it's because they were rejected or haven't been reviewed yet.
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
And this list really needs to be checked a lot more than it currently is being checked. Maybe I'm impatient as my first post was not too long ago, but, y'knoww.
I've also requested dragcave.net quite a few times, and i wasn't the only one requesting it, actually
there was me and one other guy, but other people without any other people are getting agreed right away
dragcave doesn't look mighty suspicious, you've probably seen people with dragons in their signature, etc.
I think almost as soon as the whitelist was issued, i was requesting it
i'm sorry if I seem pushy, but seriously: I like having dragons in my signature.
Please and thank you. If you have any concerns, contact Fredrickville.
Epic Dude
Mineverse: A New Way to Mine in a Universe of Minecraft!
http://www.mineverse.com/group.php?id=1
I started the dragon cave thread. we have all been trying to get the site whitelisted since the whitelist was enabled. I'm used to having eggs in my sig too. I don't see why it hasn't been whitelisted yet seeing as it has probably gotten the most attention of any blocked site (and since it is clearly not a threat)
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
There is a lovely program known as "Gyazo" which takes screenshots on just a single mouse click for you (from a user-defined portion of the screen) and auto-uploads them into the Gyazo database. I would appreciate if the url style could be whitelisted, but understand if you're not willing to add it at the request of a single person.
Here is an example:
URL: http://gyazo.com/fa5d94692cbb940023666206fe8f49b1.png
removed the url, that's for something else :tongue.gif:
can you add FileBeam to the list please?