98
submitted 5 months ago* (last edited 5 months ago) by alyth@lemmy.world to c/mildlyinfuriating@lemmy.world

When I try to submit a post or comment containing the string [slash]etc[slash] passwd, the submit button goes into a loading state and spins indefinitely. The request is blocked by Cloudflare with status code 403. I can't even search for the forbidden string. You have to check dev tools to find out what went wrong, this error is not handled in the UI at all.

So, if you've ever tried to reply to a tech issue and the UI just won't let you, maybe this is why.

all 40 comments
sorted by: hot top controversial new old
[-] funkless_eck@sh.itjust.works 38 points 5 months ago
[-] funkless_eck@sh.itjust.works 19 points 5 months ago
[-] clay_pidgin@sh.itjust.works 38 points 5 months ago
[-] bionicjoey@lemmy.ca 37 points 5 months ago
[-] r00ty@kbin.life 7 points 5 months ago

Change the code on my luggage. No, wait, that's something else.

[-] spazzman6156@sh.itjust.works 0 points 5 months ago

/etc/passwd

[-] usernamesAreTricky@lemmy.ml 29 points 5 months ago* (last edited 5 months ago)

This smells like something being blocked by Cloudflare's WAF (Web Application Firewall) rules. I'd imagine there might be a rule there to try to block requests that look like they could involve sensitive files like the passwd file

https://developers.cloudflare.com/waf/

The UI should probably alert you of there being an issue posting after getting a 403 response

[-] eco_game@discuss.tchncs.de 5 points 5 months ago

Damn even though you explained the abbreviation I still read it as Wife Approval Factor for a second and was very confused

[-] dohpaz42@lemmy.world 17 points 5 months ago

Let’s see, I’m on lemmy.world: /etc/passwd

[-] alyth@lemmy.world 7 points 5 months ago* (last edited 5 months ago)

What the heck, it consistently does not work for me. I guess that's not the only deciding factor in why my posts don't go through. I've changed the pronoun in my post from 'you' to 'I' because it doesn't apply to everyone. ^^

[-] ilinamorato@lemmy.world 5 points 5 months ago* (last edited 5 months ago)

Hmm, weird. I notice that you're using Firefox; maybe that's the deal. I am too:

Aha! I think that might be it! I can't on Firefox either.

Edit: Nope, just tried it on Boost, and that didn't work either.

[-] ilinamorato@lemmy.world 1 points 5 months ago

Ok, I was on the "old." skin; let's try the standard skin.

Nope, it doesn't work on the standard skin, either.

[-] NeatNit@discuss.tchncs.de 5 points 5 months ago

Are you using the website or an app?

[-] marcos@lemmy.world 5 points 5 months ago* (last edited 5 months ago)

On the website:

/etc/password

Let's see.

EDIT: Well, maybe the Cloudfare filters are region-dependent.

[-] NeatNit@discuss.tchncs.de 2 points 4 months ago

I just realized my previous reply from 3 days ago might not be visible to you.

You wrote password instead of passwd, I think that's why it passed the filter.

Link to the comment you probably didn't receive: https://discuss.tchncs.de/post/17139304/10847588

[-] marcos@lemmy.world 1 points 4 months ago

Interesting, yep, passwd fails for me too.

[-] stalfoss@lemm.ee 15 points 5 months ago
[-] r00ty@kbin.life 8 points 5 months ago* (last edited 5 months ago)
[-] andrew_s@piefed.social 14 points 5 months ago

That's kinda funny, in a way - unsophisticated prevention for an unsophisticated attack.

Everyone trying to use the Internet normally suffers due to this kind of stuff.

[-] mystik@lemmy.world 13 points 5 months ago* (last edited 5 months ago)

⟋etc⟋passwd ⧸etc⧸passwd /etc/passwd

[-] NeatNit@discuss.tchncs.de 9 points 5 months ago

How dare you go outside the bounds of ASCII! 95 printable characters ought to be enough for anyone.

[-] elvith@discuss.tchncs.de 9 points 5 months ago

[slash]etc[slash]passwd

[-] neidu2@feddit.nl 6 points 5 months ago

Is it because it contains the word "ass" ? I can imagine this being caused by some poorly designed censoring software.
I remember in 1999 or thereabouts when I was playing Ultima Online, and the same thing happened when I was a ghost trying to get back into town to get resurrected: As I instinctly tried to open the gate to enter, I got the message "Your ghostly hand p4$$es through the gate"

[-] NeatNit@discuss.tchncs.de 6 points 5 months ago

Best not to try to roleplay as an ******in

[-] billiam0202@lemmy.world 2 points 4 months ago* (last edited 4 months ago)

You mean a buttbuttin?

Edit: Boost for Android won't let me post it either.

[-] alyth@lemmy.world 5 points 5 months ago

I remember those shenanigans from Neopets. You couldn't say cucumber on the forums.

[-] neidu2@feddit.nl 4 points 5 months ago

I had to read "cucumber" three times before I realized why.

[-] konalt@lemmy.world 5 points 5 months ago

Can't post on Lemmy.World, photon desktop UI. Interesting

[-] governorkeagan@lemdro.id 5 points 5 months ago
[-] governorkeagan@lemdro.id 5 points 5 months ago

Posted this from Thunder on lemdro.id

[-] A_A@lemmy.world 5 points 5 months ago* (last edited 5 months ago)

test №2 ...
/ etc /passwd
/ …/etc /passwd
/ …/…/etc /passwd
(from: Android, browser, on lemmy. …world)
i cannot post this if I remove the spaces !

[-] JackbyDev@programming.dev 3 points 5 months ago
[-] alyth@lemmy.world 1 points 5 months ago

using Tapatalk

[-] possiblylinux127@lemmy.zip 4 points 5 months ago
[-] possiblylinux127@lemmy.zip 2 points 5 months ago

That explains why I had trouble a while back

[-] veniasilente@lemm.ee 0 points 5 months ago

/etc/passw[nothing]d blocked here at lemm.ee.

[-] notabot@lemm.ee 2 points 5 months ago

Tried with 'Connect for lemmy' against lemm.ee and just got a full screen error that vanished after a second.

/ etc / passwd <- so none of the components are blocked.

[-] veniasilente@lemm.ee 1 points 5 months ago

I can only hope programming.dev of all instances doesn't have this problem!

(Also, I'm really wondering where does this error come from. It can't be, in theory, from lemmy itself, right? One would think user input in posts is sanitized so that it's not used as code, either raw or processed).

this post was submitted on 10 Jun 2024
98 points (99.0% liked)

Mildly Infuriating

35440 readers
635 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...


7. Content should match the theme of this community.


-Content should be Mildly infuriating.

-At this time we permit content that is infuriating until an infuriating community is made available.

...


8. Reposting of Reddit content is permitted, try to credit the OC.


-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

...


Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 1 year ago
MODERATORS