KinCryos

TF2 Admin
Contributor
Mapper
The reason is because someone can use that to grab people's ips
huh. didn't even know that was possible. the more you know

I take it that MP4/WEBMs uploaded to Discord are similarly unsafe? (since AFAIK, using raw links was how to link such media hosted there)
 

Bottiger

Administrator
huh. didn't even know that was possible. the more you know

I take it that MP4/WEBMs uploaded to Discord are similarly unsafe (since AFAIK, using raw links was how to link such media hosted there)

No they save the video to their own servers when you upload. I don't know about links though.
 

KinCryos

TF2 Admin
Contributor
Mapper
No they save the video to their own servers when you upload. I don't know about links though.
I initially thought as such.

does this mean that the raw option actually allowed users to upload MP4/WEBMs?
or was this just in case someone linked something on a home server and got that exposed to unwanted traffic?
I'm honestly curious about this. is there any official documentation regarding this vulnerability?
 

Bottiger

Administrator
does this mean that the raw option actually allowed users to upload MP4/WEBMs?

No it means that someone could make a video url like http://homeip/video.mp4. And anyone loading that post would send a request to that server and that person could look at his server logs to record ips. Site like youtube can see the same thing too, but the chances they would abuse it is low.

It is just the way websites work.
 

KinCryos

TF2 Admin
Contributor
Mapper
ah, essentially the inverse of my second guess

too bad the Discord content in meme threads is also impacted by this. oh well, safety first
 
Last edited: