Tampering with generatorName
I have recently discovered this but apparently you can tamper with the generatorName
variable to use another generator’s name despite that it’s a different generator name, in other words, identify that as another generator. This could be used to play with some sort of things that you can’t in a normal circumstance, like accessing the comments from another generator, even from deleted or renamed generators.
@perchance I’ve tested that on this generator: https://perchance.org/yxhpifl77e#edit, where it shows up comments from my generator hub page instead of that one’s generator.
Also, did any of you ever use the
generatorName
variable at all?tried some stuff and very interesting and i can become admin of your comment section. but it’s an illusion and doesn’t let me actually delete your posts
@Alllo Wait, that must be a glitch.
yes i made myself admin using my own password on another generator that i had renamed to yours and accessed the comment section of. tried to delete some of your comments (innocently, lol) and thankfully i was only able to delete them on the copy generator i had made and not on your main comment page. the option to delete did not show up while i was shown as admin of yours. at least Seems not dangerous.
the gallery thing highly dangerous tho. i have antiprompts preventing people from generating nazi’s, gore, etc in to mine; and i have seen other people do similarly to protect their galleries. the very first gallery i entered perchance on, pretty-ai, is set up this way to prevent child pron with antiprompt against phrases like ‘little kid’. Being able to stick stuff in people’s galleries from afar bypasses this protection and allows trolls to fill anyone’s gallery with anything. And I have seen that trolls love filling people’s galleries with horrid stuff just to hurt them.
hope @perchance@lemmy.world is eventually reached because i see the possibilities in this weakness and it bad. like horrible gaping hole of unprotection style weakness. no ability for gallery admin to moderate + bypass prompt barriers from afar and stick stuff in people’s galleries. im just repeatedly mentioning @perchance@lemmy.world because it seems bad enough that idk how it couldn’t be a thing to fix
maybe if we ping @perchance@lemmy.world sevenhundred million times they will realize there is something unusual up today and check it out.
i, from here, https://perchance.org/who-am-i , stuck the middle image in to the gallery of here https://perchance.org/beautiful-people
I guess as long as it doesn’t affect the original, and just ‘copies/mimics’ the original it is alright. But abusing it and ‘impersonating’ is one of the things that could happen.
EDIT: Upon changing the
generatorName
in atext-to-image-plugin
with gallery, I was able to push an image to it and save into the gallery from another URL. - this use case could be abused.
Kind of the same thing happened to me when commenting on my Popularity Achievement generator. It loses the admin tag when I refreshed the comments frame.
@perchance Update: I’ve modified the example, and apparently you can also change and modify the
generatorName
in-generator! There is a button that does that, and added somescript
elements (because scripts executed within square blocks will be always run after that)edit: @perchance@lemmy.world i think that, while comments seems to be safe from abuse this way, I just created an image from one gallery, made the name of the page another pagename with the gallery i wanted to feed that image in to, hit submit, and the image DID go in to that other page’s gallery.
high high high high high abuse potential where people can stick nasty images in other people’s galleries.
and while you are here, i am on the path to making a gallery plugin because various people have trolls come thru and post a bunch of nasty gore that makes it thru filters in to their galleries and they alone can do nothing about it, including not even move it to nsfw. https://perchance.org/imagineimage is a prime example and the creator was here on the forum asking for help with gore being spammed in to the pg13 area that they could do nothing about. ive seen it happen to other galleries too. so im on the path to making a gallery plugin that allows admin control literally because people are suffering and there is huge risk without it. but i don’t want to, you already have the gallery plugin, i don’t know how im gonna do storage unless i scale down the images and store them thru upload plugin, and generally seems better if you do it instead of me. i will tho if you prefer i continue to make it because there seems to be a critical need for gallery moderation. please, should i continue to make it? can you please tackle this issue instead? you seem better equipped. anyway, good time to mention it with the other critical gallery issue popping up
even if it is just whipped together and piggybacks on the adminchecking of the comments plugin
deleted by creator
looks like the tiny meat eating slime girl is really out of the bottle on this one
@perchance
https://connectionsnytunlimited.io is elegantly simple yet endlessly complex. Players are presented with a starting word or concept, from which they must branch out, forging connections to other words or concepts through associative links.