Those are buttons, not sticks. Use two planks to make sticks
https://minecraft.wiki/w/Stick#Crafting
JRaccoon
Just a lvl 28 guy from Finland. Full-stack web developer and Scrum Master by trade, but actually more into server-side programming, networking, and sysadmin stuff.
During the summer, I love trekking, camping, and going on long hiking adventures. Also somewhat of an avgeek and a huge Lego fanatic.
A furry or something. Why be yourself when you can be a fluffy raccoon on the internet?
- 1 Post
- 20 Comments
Joined 2 years ago
Cake day: June 20th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
That one is black on purpose lol. Move your mouse over it, or touch it if on phone. Something might be revealed…
Three of the pics are AI generated. Two are obvious imo, and then I just trial and errored the third one.
First you convert wood to planks and then planks to sticks
Something is definitely broken. It should show a 3D version of a normal Captcha, with letters and numbers spinning in 3D space. Have you tried refreshing the page? (It should remember your progress) And is your browser up to date?
https://nextchessmove.com/ will help you there
I think it was a chair
Instead of counting individual dots, count the rows and columns. There’s one dot missing so then subtract one.
Just keep trying, it seems to play perfectly like 75% of the time but make a mistake on purpose every now and then
Oh, good to know. Maybe I give it another go over the weekend
How the fuck… Do you play rhythm games regularly? I can see that one being very easy for someone who does
Yeah, reading other comments, apparently it doesn’t matter if you select that one or not
It’s three in total. Two are pretty obvious, the one I just guessed
Right there with you. I wonder what the required accuracy% is, after many tries I can do around 80% but that’s not enough
15·3 months agoBasically I just used trial and error on that one. It uses a strict definition of vegetable, no tomatoes for example. Potato head counts as a vegetable.
That’s reassuring to know. What I don’t understand is why you have the
/api/v3/post/like/listroute. You say you don’t want votes to be snooped on, but then you add an endpoint that makes it very easy for instance admins to do exactly that if they choose to? Also worth pointing out that the tool linked here wouldn’t work in its current form if this route didn’t exist.
Compare your actions to releasing a 0-day exploit for a security vulnerability instead of responsibly disclosing. It doesn’t help, it just causes chaos until the people who do the actual work can figure out a solution.
This comparison is not fair at all. It’s not like the devs are unaware of this. They could start by removing the API endpoint that lists a post’s votes, but they haven’t, which means they seem to think it’s okay for the instance admins to snoop on votes if they so wish.
They can include runnable JavaScript too, which can cause vulnerabilities in certain contexts. One example from work some years back: We had a web app where users could upload files, and certain users could view files uploaded by others. They had the option to download the file or, if it was a file type that the browser could display (like an image or a PDF), the site would display it directly on the page.
To prevent any XSS (scripts from user-provided files), we served all files with the CSP sandbox header, which prevents any scripts from running. However, at the time, that header broke some features of the video player on certain browsers (I think in Safari, at least), so we had to serve some file types without the header. Mistakenly, we also included image files in the exclusion, as everyone through image files couldn’t contain scripts. But the MIME type for SVG files is
image/svg+xml… It was very embarrassing to have such a simple XSS vuln flagged in a security audit.
I know, right? Fuck that rhythm game. But now I’m a certified human so maybe it was all worth it lol