emoji-award-marseywholesome
Unable to load image
/h/meta Emoji Award given by @HomosexuaI: "marseywholesome" House Furry
@Aevann's profile picture @Aevann's hat
Aevann capy/bara world's largest rodent  1yr ago (devrama.net) Edited 1yr ago 1,214 thread views #134631
Reported by:

im too lazy to test so i need testers for new update --- badge and 1k mbux for each bug u find :marseycapy:

https://devrama.net/?s=

just go to https://devrama.net and make an account and test all functions of the site, and comment here if u find anything broken

the badge in question:

![](https://rdrama.net/i/badges/7.webp?b=6)

devrama features (not a bug):

  • everyone is janny

  • everyone has 1000000 coins and mbux

known bugs (specific to devrama, not worth fixing tbh):

  • The roulette board is missing completely

  • Casino leaderboards are blank and won’t change

merry christmas!

EDIT: apparently this needed be said, if you find a security vulnerability, pls DM me, don't actually use it or comment about it in this thread

125
New Old Top Bottom Controversial Random
Jump in the discussion.

No email address required.

View entire discussion

we don't have that lol

Jump in the discussion.

No email address required.

<a href={{{any rdrama path here}}}>www.bing.com{{{<}}}/a>

Does work for local link misdirection in the rdrama chat, are you sure there's no jwt/oauth/sso redirect url functionality? Im on my phone (vacation) so i cant check github

Jump in the discussion.

No email address required.

just try it out urself, my neighbor

Jump in the discussion.

No email address required.

One second its dont use the security vulnerability, the next second its use the vulnerability rslur

Smh

Jump in the discussion.

No email address required.

just to clarify for the future, I do want you to try shit out, I just don't want you to expose others to them or make them known publicly until they're fixed, its common sense really, I didnt think i would have to explain it lol

Jump in the discussion.

No email address required.

Yeah fair, but lets not pretend getting users to live test a dev site without understanding the security implications of that is any more ethical than live blogging the pasting of <img src=1 into text fields

Jump in the discussion.

No email address required.

yeah admin-only functions didnt rly get that much scrutiny xss-wise, thats on me

Jump in the discussion.

No email address required.

Its okay its about ethics in software engineering we can all learn together

:#marseycapylovepat:

Jump in the discussion.

No email address required.

:m#arseycapyheart:

Jump in the discussion.

No email address required.

just try it in a draft thread lol

Jump in the discussion.

No email address required.

Link copied to clipboard
Action successful!
Error, please refresh the page and try again.