TangibleCryptography (OP)
|
|
July 27, 2012, 05:04:24 PM |
|
Ouch. I will look into that and do some back testing on older browser versions. I have to ask, any particular reason you are running a browser version which is almost a year and half out of date? You aren't still running version 0.2 of the bitcoin client also are you? I mean poorly formatted sites should be the least of your worries. There are a number of serious security vulnerabilities which have been patched in later versions. The web browser is a very common attack vector for malicious code. The best defense is keeping it patched against exploits. As a heads up, your browser remains vulnerable to all these known exploits http://www.mozilla.org/security/known-vulnerabilities/firefox.htmlMFSA 2012-56 Code execution through javascript: URLs MFSA 2012-55 feed: URLs with an innerURI inherit security context of page MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption MFSA 2012-51 X-Frame-Options header ignored when duplicated MFSA 2012-50 Out of bounds read in QCMS MFSA 2012-49 Same-compartment Security Wrappers can be bypassed MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden MFSA 2012-47 Improper filtering of javascript in HTML feed-view MFSA 2012-46 XSS through data: URLs MFSA 2012-45 Spoofing issue with location MFSA 2012-44 Gecko memory corruption MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) MFSA 2012-54 Clickjacking of certificate warning page MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer MFSA 2012-39 NSS parsing errors with zero length items MFSA 2012-38 Use-after-free while replacing/inserting a node in a document MFSA 2012-37 Information disclosure though Windows file shares and shortcut files MFSA 2012-36 Content Security Policy inline-script bypass MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service MFSA 2012-34 Miscellaneous memory safety hazards MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors MFSA 2012-31 Off-by-one error in OpenType Sanitizer MFSA 2012-30 Crash with WebGL content using textImage2D MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions MFSA 2012-27 Page load short-circuit can lead to XSS MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite MFSA 2012-24 Potential XSS via multibyte content processing errors MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface MFSA 2012-22 use-after-free in IDBKeyRange MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4) MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28) MFSA 2012-18 window.fullScreen writeable by untrusted content MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification MFSA 2012-16 Escalation of privilege with Javascript: URL as home page MFSA 2012-15 XSS with multiple Content Security Policy headers MFSA 2012-14 SVG issues found with Address Sanitizer MFSA 2012-13 XSS with Drag and Drop and Javascript: URL MFSA 2012-12 Use-after-free in shlwapi.dll MFSA 2012-11 libpng integer overflow MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission MFSA 2012-08 Crash with malformed embedded XSLT stylesheets MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes MFSA 2012-03 <iframe> element exposed across domains via name attribute MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26) MFSA 2012-41 Use-after-free in nsHTMLSelectElement MFSA 2011-58 Crash scaling <video> to extreme sizes MFSA 2011-57 Crash when plugin removes itself on Mac OS X MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0) MFSA 2011-52 Code execution via NoWaiverWrapper MFSA 2011-51 Cross-origin image theft on Mac with integrated Intel GPU MFSA 2011-50 Cross-origin data theft using canvas and Windows D2D MFSA 2011-49 Memory corruption while profiling using Firebug MFSA 2011-48 Miscellaneous memory safety hazards (rv:8.0) MFSA 2011-47 Potential XSS against sites using Shift-JIS MFSA 2012-02 Overly permissive IPv6 literal syntax MFSA 2011-45 Inferring Keystrokes from motion data MFSA 2011-44 Use after free reading OGG headers MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope parameter MFSA 2011-42 Potentially exploitable crash in the YARR regular expression library MFSA 2011-41 Potentially exploitable WebGL crashes MFSA 2011-40 Code installation through holding down Enter MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23) MFSA 2011-35 Additional protection against fraudulent DigiNotar certificates MFSA 2011-34 Protection against fraudulent DigiNotar certificates MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-29 Security issues addressed in Firefox 6 MFSA 2011-28 Non-whitelisted site can trigger xpinstall MFSA 2011-27 XSS encoding hazard with inline SVG MFSA 2011-26 Multiple WebGL crashes MFSA 2011-25 Stealing of cross-domain images using WebGL textures MFSA 2011-22 Integer overflow and arbitrary code execution in Array.reduceRight() MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with script disabled MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
|
|
|
|
BkkCoins
|
|
July 27, 2012, 10:49:10 PM |
|
I'm running the latest update of the Ubuntu FF version. 14.0.1 Here is a screen snap of what I see... it seems the "select payout method" dropdown is intended to be in the block above but is showing on top of "Order Details". Likely different interpretation of css block attributes.
|
|
|
|
TangibleCryptography (OP)
|
|
July 27, 2012, 11:10:17 PM |
|
Thank you for bringing this to my attention. This weekend we will be moving to a new site based on twitter bootstrap that should improve cross browser compatibility.
|
|
|
|
rjk
Sr. Member
Offline
Activity: 448
Merit: 250
1ngldh
|
|
July 28, 2012, 02:23:36 AM |
|
If you disable ALL addons does the same stuff happen? My guess would be a misconfigured adblocker or something similar.
|
|
|
|
BkkCoins
|
|
July 28, 2012, 03:14:40 AM Last edit: July 28, 2012, 05:46:54 AM by BkkCoins |
|
If you disable ALL addons does the same stuff happen? My guess would be a misconfigured adblocker or something similar.
While I do have several add-ons none of them should be altering content at all. No AdBlock type things. Almost all of them are certificate, security, proxy switching things. Only Firebug stands out and I don't think it would do this. But I can load the website from a guest account and see. edit/result: Strange. Using a guest account and same FF shows the page fine. But disabling all add-ons doesn't fix the issue either. Not an Add-On but perhaps some other hidden tweak made in time past? Or what else would be different between my user account and a guest one? further edit/investigation:Checking the page with Firebug reveals that the code, ... <div id="payout"> <fieldset class="sellfieldset" style="float: left; height: 20em; width: 38em;"> ... when modified to be width: 45em; fixes the issue. Apparently the width of that payout box is not enough on my browser. My guess? I have some font default that isn't overridden by the page itself perhaps? A height of 21em also makes the image not overlap the lower border resulting in a broken line there.
|
|
|
|
ccliu
|
|
July 29, 2012, 01:30:17 AM |
|
Could you add kickstarter?
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
July 29, 2012, 01:32:42 AM Last edit: July 29, 2012, 01:53:17 AM by DeathAndTaxes |
|
Could you add kickstarter?
Does kickstarter allows depositing funds directly into a user's account? I will certainly take a look. On edit: I don't see any user to user transfer mechanism for Kickstarter. Kickstarter pledges are funded by amazon payment so we could look into offering payouts using that platform.
|
|
|
|
ccliu
|
|
July 29, 2012, 05:08:13 AM |
|
See the problem is I need a cc, which I have but is closely monitored by my parents. Kickstarter doesn't charge until the end date if the threshold is met. The only caution I have is that make sure you have enough credit to pay for all applicably kickstarter funds due.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
July 29, 2012, 03:32:02 PM |
|
See the problem is I need a cc, which I have but is closely monitored by my parents. Kickstarter doesn't charge until the end date if the threshold is met. The only caution I have is that make sure you have enough credit to pay for all applicably kickstarter funds due.
I looked and there is no method I could fund a kickstarter account however kickstarter uses amazon payments. I will look into paying out into an amazon payments account. So for example you could sell 10 BTC, get $85 paid into your Amazon payment account and then use that to pay kickstarter.
|
|
|
|
Ari
Member
Offline
Activity: 75
Merit: 10
|
|
July 29, 2012, 05:07:01 PM |
|
See the problem is I need a cc, which I have but is closely monitored by my parents. Kickstarter doesn't charge until the end date if the threshold is met. The only caution I have is that make sure you have enough credit to pay for all applicably kickstarter funds due.
You can pay kickstarter using a visa gift card.
|
|
|
|
ccliu
|
|
July 30, 2012, 12:24:20 AM |
|
See the problem is I need a cc, which I have but is closely monitored by my parents. Kickstarter doesn't charge until the end date if the threshold is met. The only caution I have is that make sure you have enough credit to pay for all applicably kickstarter funds due.
I looked and there is no method I could fund a kickstarter account however kickstarter uses amazon payments. I will look into paying out into an amazon payments account. So for example you could sell 10 BTC, get $85 paid into your Amazon payment account and then use that to pay kickstarter. I've got cash in my amazon balance but cannot use it.. visa GC has a fee.
|
|
|
|
Ari
Member
Offline
Activity: 75
Merit: 10
|
|
July 31, 2012, 11:21:55 AM |
|
I've got cash in my amazon balance but cannot use it..
If you mean amazon gift cards, you can not use those for kickstarter or other amazon payments.
|
|
|
|
Gary13579
Newbie
Offline
Activity: 30
Merit: 0
|
|
July 31, 2012, 10:03:03 PM |
|
How long does it take to get MoneyPak? I was under the impression it would be immediate as soon as the transaction was confirmed by blockchain, but I still haven't gotten anything.
|
|
|
|
Gary13579
Newbie
Offline
Activity: 30
Merit: 0
|
|
August 01, 2012, 12:27:33 AM |
|
Took a few hours but the MoneyPak info came through. There's a service dedicated to MoneyPak for Bitcoins, but they wanted $10 more than your service. Thanks for the trade .
|
|
|
|
TangibleCryptography (OP)
|
|
August 01, 2012, 12:43:14 AM |
|
Glad we could help you out with some fast cash. I would point out to other potential customers we process orders offline in batches and that means slightly longer delays but the lower risk of theft/fraud allows us to offer a more competitive rate.
|
|
|
|
Gary13579
Newbie
Offline
Activity: 30
Merit: 0
|
|
August 01, 2012, 01:03:44 AM |
|
Yeah, I figured the PINs were stored offline, hence the delay. It isn't much of a hassle, but maybe it could be made clearer on the website that it may take a few hours after hitting 6 confirmations.
|
|
|
|
TangibleCryptography (OP)
|
|
August 01, 2012, 01:06:59 AM |
|
Yeah, I figured the PINs were stored offline, hence the delay. It isn't much of a hassle, but maybe it could be made clearer on the website that it may take a few hours after hitting 6 confirmations. Thanks for the suggestion. We are (eternally it seems) working on a new site which should hopefully clarify that and other potential "gotchas".
|
|
|
|
jme621
|
|
August 02, 2012, 12:33:42 AM |
|
Funding Status (last updated 08/01/2012 20:00 EST) Bank | Funds exhausted (no payout available) | (Adding additional funds - ETA 08/02) | PayPal | Funds high (max payout available) | | Dwolla | Funds low (max payout reduced) | (Adding additional funds - ETA 08/02) | Moneybookers | Funds high (max payout available) | |
have used 2/4 methods so far, no issues what so ever, gonna run the gambit eventually, probably before i go to Vegas in 3 weeks, keep up the good work.
|
|
|
|
ocminer
Legendary
Offline
Activity: 2688
Merit: 1240
|
|
August 02, 2012, 10:06:46 AM |
|
Got problems with the website ?
Nothing happens when I click on the "Create Order" Button..
|
suprnova pools - reliable mining pools - #suprnova on freenet https://www.suprnova.cc - FOLLOW us @ Twitter ! twitter.com/SuprnovaPools
|
|
|
TangibleCryptography (OP)
|
|
August 02, 2012, 10:58:21 AM Last edit: August 02, 2012, 11:09:19 AM by TangibleCryptography |
|
Got problems with the website ?
Nothing happens when I click on the "Create Order" Button..
Not that I am aware of. Also had 14 orders while since I went to sleep so it is working for at least some clients. What browser? version? OS? Are you trying to select a payout amount over the current maximum for that option? When you select a payout it will show the max available.
|
|
|
|
|