https://codeberg.org/user/sing_up
it should be sign_up instead of sing_up.
https://codeberg.org/user/sing_up
it should be sign_up instead of sing_up.
Sign Up URL is misspelled. #473
Closed
opened 2021年06月18日 12:51:14 +02:00 by aspirus
·
4 comments
fnetX
commented 2021年06月18日 13:39:05 +02:00
No, this is intentional 🙃
Quoting hw:
This intended to make it a tiny bit harder for bots that flooded us in the past with automatically submitted abusive registration+login requests. It is simplicistic but worked nicely so far. If bots catch up in the cat'n'mouse game and start their requests on this endpoint, we will have to fully randomize it to make it fully unpredictible.
Please don't abuse login or we need to add further restrictions.
Also see #439, #427, #383, #181, #127. Thank you for reporting your findings anyway. Welcome to Codeberg.
No, this is intentional 🙃
Quoting hw:
> This intended to make it a tiny bit harder for bots that flooded us in the past with automatically submitted abusive registration+login requests. It is simplicistic but worked nicely so far. If bots catch up in the cat'n'mouse game and start their requests on this endpoint, we will have to fully randomize it to make it fully unpredictible.
>
> Please don't abuse login or we need to add further restrictions.
Also see #439, #427, #383, #181, #127. Thank you for reporting your findings anyway. Welcome to Codeberg.
fnetX
closed this issue 2021年06月18日 13:39:06 +02:00
aspirus
commented 2021年06月19日 04:28:42 +02:00
Wouldn't it be better to use a turing test instead?
Wouldn't it be better to use a turing test instead?
fnetX
commented 2021年06月19日 10:53:43 +02:00
What do you mean? We already have a captcha in place, but there are also captcha-solving services (where humans in certain countries are paid via BTC to do the work). The point is that this doesn't really prevent targetted attacks on Codeberg, but automated bots that search Gitea instances and spam them (as they'd need to change the URL just for Codeberg).
Of course, better spam protection is still a topic we are working on.
What do you mean? We already have a captcha in place, but there are also captcha-solving services (where humans in certain countries are paid via BTC to do the work). The point is that this doesn't really prevent targetted attacks on Codeberg, but automated bots that search Gitea instances and spam them (as they'd need to change the URL just for Codeberg).
Of course, better spam protection is still a topic we are working on.
sugar700
commented 2023年09月09日 16:01:07 +02:00
I wonder if it would be possible to call sign up page sigո_up instead to avoid questions (using Armenian "ո" character here). Unicode tricks like this have an additional advantage in that they use Unicode, so they could confuse bots that poorly implement Unicode (an actual web browser will URL-encode "ո" as %D5%B8, but a bot may not be able to).
I wonder if it would be possible to call sign up page `sigո_up` instead to avoid questions (using Armenian "ո" character here). Unicode tricks like this have an additional advantage in that they use Unicode, so they could confuse bots that poorly implement Unicode (an actual web browser will URL-encode "ո" as %D5%B8, but a bot may not be able to).
Sign in to join this conversation.
Labels
Clear labels
Reduces accessibility and is thus a "bug" for certain user groups on Codeberg.
Something is not working the way it should. Does not concern outages.
Errors evidently caused by infrastructure malfunctions or outages
This issue involves Codeberg's downstream modifications and settings and/or Codeberg's structures.
Please join the discussion and consider contributing a PR!
No bug, but an improvement to the docs or UI description will help
This issue or pull request already exists
New feature
Involves changes to the server setups, use `bug/infrastructure` for infrastructure-related user errors.
An issue directly involving legal compliance
involving questions about the ToS, especially licencing compliance
Please consider editing your posts and remember that there is a human on the other side. We get that you are frustrated, but it's harder for us to help you this way.
Things related to Codeberg's external communication
More information is needed
This issue contains a clearly stated problem. However, it is not clear whether we have to fix anything on Codeberg's end, but we're helping them fix it and/or find the cause.
Related to Forgejo. Please also check Forgejo's issue tracker.
Migration related issues in Forgejo
Issues related to the Codeberg Pages feature
Issue is related to the Weblate instance at https://translate.codeberg.org
Woodpecker CI related issue
involves improvements to the sites security
Add a new service to the Codeberg ecosystem (instead of implementing into Forgejo)
An open issue or pull request to an upstream repository to fix this issue (partially or completely) exists (i.e. Forgejo, Weblate, etc.)
Codeberg's current set of contributors are not planning to spend time on delegating this issue.
accessibility
Reduces accessibility and is thus a "bug" for certain user groups on Codeberg.
bug
Something is not working the way it should. Does not concern outages.
bug
infrastructure
Errors evidently caused by infrastructure malfunctions or outages
Codeberg
This issue involves Codeberg's downstream modifications and settings and/or Codeberg's structures.
contributions welcome
Please join the discussion and consider contributing a PR!
docs
No bug, but an improvement to the docs or UI description will help
duplicate
This issue or pull request already exists
enhancement
New feature
infrastructure
Involves changes to the server setups, use `bug/infrastructure` for infrastructure-related user errors.
legal
An issue directly involving legal compliance
licence / ToS
involving questions about the ToS, especially licencing compliance
please chill
we are volunteers
Please consider editing your posts and remember that there is a human on the other side. We get that you are frustrated, but it's harder for us to help you this way.
public relations
Things related to Codeberg's external communication
question
More information is needed
question
user support
This issue contains a clearly stated problem. However, it is not clear whether we have to fix anything on Codeberg's end, but we're helping them fix it and/or find the cause.
s/Forgejo
Related to Forgejo. Please also check Forgejo's issue tracker.
s/Forgejo/migration
Migration related issues in Forgejo
s/Pages
Issues related to the Codeberg Pages feature
s/Weblate
Issue is related to the Weblate instance at https://translate.codeberg.org
s/Woodpecker
Woodpecker CI related issue
security
involves improvements to the sites security
service
Add a new service to the Codeberg ecosystem (instead of implementing into Forgejo)
upstream
An open issue or pull request to an upstream repository to fix this issue (partially or completely) exists (i.e. Forgejo, Weblate, etc.)
wontfix
Codeberg's current set of contributors are not planning to spend time on delegating this issue.
No labels
accessibility
bug
bug
infrastructure
Codeberg
contributions welcome
docs
duplicate
enhancement
infrastructure
legal
licence / ToS
please chill
we are volunteers
public relations
question
question
user support
s/Forgejo
s/Forgejo/migration
s/Pages
s/Weblate
s/Woodpecker
security
service
upstream
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".
No due date set.
Dependencies
No dependencies set.
Reference
Codeberg/Community#473
Loading...
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?