Import costume from url & user id
-
There should be a block to import a costume from a url, there is an add image from url in widgets, but this doesn’t let you attach it to sprites or use it where a block needs a costume, this would let people put ai images in their project with the deprecation of the old DALL-E request to costume blocks, and let people use pfps in their projects, which brings me to the second request, a user id block, this would be the random string of characters after play.creaticode.com/users/ to go to their profile (mines is ZNE8tKKDq7cRMN338), in the console logs it’s referred to as peer id (in cloud broadcast logs to the actual browser console) so a peer id or user id block would be really useful (also a “texture” exists for the user id block because setting a sensing block’s name to “user id” actually works and trying something like “peer id” gives red hat)
-
Thank you for the suggestions. We will add them.
@info-creaticode oh yeah, user id would be pretty useful, because username and full name can always be changed, and if you want to save score for a user or like ban them, one can bypass that by changing their username/fullname that is being used to save data.
#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@info-creaticode oh yeah, user id would be pretty useful, because username and full name can always be changed, and if you want to save score for a user or like ban them, one can bypass that by changing their username/fullname that is being used to save data.
@jeffreyrb03-gmail correction, username can’t be changed, but Catty used my chat rooms and my user database logged their set full name (CattyPlazyz or something like that) for the username and display slot, but in chat messages for who’s talked it shows me, my alt, my friend’s acc they don’t use, and an acc with a short username (who tested that I don’t have a filter) who sent messages
<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div> -
@jeffreyrb03-gmail correction, username can’t be changed, but Catty used my chat rooms and my user database logged their set full name (CattyPlazyz or something like that) for the username and display slot, but in chat messages for who’s talked it shows me, my alt, my friend’s acc they don’t use, and an acc with a short username (who tested that I don’t have a filter) who sent messages
-
Actually, now we have added support for changing username. It is the “profile” link in the top right dropdown:
@info-creaticode alright, that is very good to know
<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div> -
@info-creaticode alright, that is very good to know
@tyller_ lol I managed to get HTML
my projects are gonna be sooo epic (please don’t patch this CreatiCode
)#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@tyller_ lol I managed to get HTML
my projects are gonna be sooo epic (please don’t patch this CreatiCode )@jeffreyrb03-gmail Iframe and/or script tag? and they should patch it if it can access stored cookies, I don’t know how login auth works but a cookie grabber would be really bad, unless you can’t access it (really hoping for that), plus you can already do non script tag stuff, unless that’s just an iframe then it’s fine
<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div> -
@jeffreyrb03-gmail Iframe and/or script tag? and they should patch it if it can access stored cookies, I don’t know how login auth works but a cookie grabber would be really bad, unless you can’t access it (really hoping for that), plus you can already do non script tag stuff, unless that’s just an iframe then it’s fine
@tyller_ I’m just using it to make a browser using iframes. iFrames are sorta in their own little seperate and boxed world, and they can’t access stuff outside of them I don’t think, and even if it was, I’m certain that they aren’t allowed to access cookies/local storage and whatnot unless it’s of that website, and not for like another website. Some websites also don’t like being in iframes, like Google:
On top of that, I’m pretty sure CreatiCode is smart enough to have put some CSP policy header that blocks stuff like that.
The funny thing is, this thing I’m making can slightly bypass Securly, which is weird, because you’d think that any and all iframe exploits to bypass school filters (that blocks sites like games) were patched years ago, but actually no. Glitch.com is blocked normally, but if you’re careful, this thing can easily go under the radar. This is useful because my game’s site is being made with glitch and its database too.
To do this, I’m just using a rich text box widget and setting its value to html code. It supports iframes, but doesn’t allow script tags which is good because of the way those can get abused.
This is pretty cool because of the really cool capabilities it has like making user interfaces and stuff in a better way, enabled all by HTML and CSS, and not limited by CreatiCodes limitations, for instance, doing stuff with gradients or making forms that are better connected and can send that data over to another site.
#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@tyller_ I’m just using it to make a browser using iframes. iFrames are sorta in their own little seperate and boxed world, and they can’t access stuff outside of them I don’t think, and even if it was, I’m certain that they aren’t allowed to access cookies/local storage and whatnot unless it’s of that website, and not for like another website. Some websites also don’t like being in iframes, like Google:
On top of that, I’m pretty sure CreatiCode is smart enough to have put some CSP policy header that blocks stuff like that.
The funny thing is, this thing I’m making can slightly bypass Securly, which is weird, because you’d think that any and all iframe exploits to bypass school filters (that blocks sites like games) were patched years ago, but actually no. Glitch.com is blocked normally, but if you’re careful, this thing can easily go under the radar. This is useful because my game’s site is being made with glitch and its database too.
To do this, I’m just using a rich text box widget and setting its value to html code. It supports iframes, but doesn’t allow script tags which is good because of the way those can get abused.
This is pretty cool because of the really cool capabilities it has like making user interfaces and stuff in a better way, enabled all by HTML and CSS, and not limited by CreatiCodes limitations, for instance, doing stuff with gradients or making forms that are better connected and can send that data over to another site.
@jeffreyrb03-gmail alright, thats really neat (bit confused how it can bypass proxy filters though)
<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div> -
@jeffreyrb03-gmail alright, thats really neat (bit confused how it can bypass proxy filters though)
@tyller_ https://play.creaticode.com/projects/67 068a6c6491cfeaeaa1b22c?version=1
-
@jeffreyrb03-gmail alright, thats really neat (bit confused how it can bypass proxy filters though)
@tyller_ I’m not sure either, probably because CreatiCode is a trusted site, so filters mistakenly trust the iframes too, but this doesn’t work against firewalls like blocksi or fortiguard. the project link I gave is a wip, but you can run it and it works
-
@jeffreyrb03-gmail alright, thats really neat (bit confused how it can bypass proxy filters though)
@tyller_ this is also doing stuff to try to get metadata from a page like getting page titles by extracting the value of the title tag, as well as other stuff. If I can figure out more bypass things or make specific conditionals to parse page stuff, this could work like a real browser. It might even be useful for me to utilize AI blocks to extract stuff easier without using regex, but it’d be a bit annoying, might not work all the time, and might give out when too many requests get sent to it.
I’m also planning to manually add support for sites like google
#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@tyller_ this is also doing stuff to try to get metadata from a page like getting page titles by extracting the value of the title tag, as well as other stuff. If I can figure out more bypass things or make specific conditionals to parse page stuff, this could work like a real browser. It might even be useful for me to utilize AI blocks to extract stuff easier without using regex, but it’d be a bit annoying, might not work all the time, and might give out when too many requests get sent to it.
I’m also planning to manually add support for sites like google
Glad to see you are having fun with iFrames and serving as our red team. IFrames are very secure, so they shouldn’t leak any information. If you do find anything dangerous, please let us know.
-
Glad to see you are having fun with iFrames and serving as our red team. IFrames are very secure, so they shouldn’t leak any information. If you do find anything dangerous, please let us know.
@info-creaticode I will, thank you! I’m also expanding this project to be like a full on browser and useful tool for researching (it will make article pages faster and have options to summarize using AI):
I don’t think you guys have rules against proxies, but just so you know, this is only able to bypass faulty/defective blocking filters, and its purpose isn’t malicious or meant to aid people in getting around restrictions or otherwise act like a browser in a browser.
Edit: I don’t think it can access inappropriate sites anyways because how the cloud fetch URL as markdown block works#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@info-creaticode I will, thank you! I’m also expanding this project to be like a full on browser and useful tool for researching (it will make article pages faster and have options to summarize using AI):
I don’t think you guys have rules against proxies, but just so you know, this is only able to bypass faulty/defective blocking filters, and its purpose isn’t malicious or meant to aid people in getting around restrictions or otherwise act like a browser in a browser.
Edit: I don’t think it can access inappropriate sites anyways because how the cloud fetch URL as markdown block worksThe following blocks have been added to the playground:
-
“user id” in Sensing, which returns the unique id of the current user
-
AI image search in “AI”: a reporter block that returns the URL of an AI-generated image from the library based on a search query. Note that this does not generate new images, but searches among existing images generated by AI, so it is much faster.
- add image from a URL as costume in “Looks”. You scale down the image to a maximum width/height:
Note that #2 and #3 can be combined to add an AI image as a costume:
-
-
The following blocks have been added to the playground:
-
“user id” in Sensing, which returns the unique id of the current user
-
AI image search in “AI”: a reporter block that returns the URL of an AI-generated image from the library based on a search query. Note that this does not generate new images, but searches among existing images generated by AI, so it is much faster.
- add image from a URL as costume in “Looks”. You scale down the image to a maximum width/height:
Note that #2 and #3 can be combined to add an AI image as a costume:
@info-creaticode Awesome!Thank you!
-
-
The following blocks have been added to the playground:
-
“user id” in Sensing, which returns the unique id of the current user
-
AI image search in “AI”: a reporter block that returns the URL of an AI-generated image from the library based on a search query. Note that this does not generate new images, but searches among existing images generated by AI, so it is much faster.
- add image from a URL as costume in “Looks”. You scale down the image to a maximum width/height:
Note that #2 and #3 can be combined to add an AI image as a costume:
@info-creaticode an issue, I planned to get the pfp of users, I checked with two other accounts and in the url of each pfp there is a second random string of numbers
, how would I get a user’s pfp, Ik it’s some file storage stuff, but I’m going to try to find a workaround, it’s just a minor annoyance<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div> -
-
@info-creaticode an issue, I planned to get the pfp of users, I checked with two other accounts and in the url of each pfp there is a second random string of numbers
, how would I get a user’s pfp, Ik it’s some file storage stuff, but I’m going to try to find a workaround, it’s just a minor annoyance@tyller_ To get a user’s pfp, you have to read their profile page HTML using their user id and then parse some stuff to get their profile picture from there (since profile pictures are public and are shown on that page).
You can get the HTML of a page by using the thing to get a page as markdown but putting “view-source:” before the URL that you are going to read, and then doing some trimming by removing the unnessescary lines and stuff and then reading the src attribute of the profile picture image (wherever the pfp is normally located in terms of the HTML page structure).
I’m using a similar method to get the title of a website by getting a website’s source code (ex:“view-source:https://google.com”) then reading the content of the
<title>tag for my iframe powered browser project. What you could do is join “view-source:https://play.creaticode.com/users/” and the user id, and then read that to a variable (using the cloud block read page as markdown), then look for wherever the profile pic image of the user is (should be near like the about me section) and then get the URL of that image by reading thesrcattribute. Then you can display that image (via its URL) to a widget.#LLJW
<span style="color:white;background-image:linear-gradient(to right, lightblue, navy)">My name is Jeff</span> -
@tyller_ To get a user’s pfp, you have to read their profile page HTML using their user id and then parse some stuff to get their profile picture from there (since profile pictures are public and are shown on that page).
You can get the HTML of a page by using the thing to get a page as markdown but putting “view-source:” before the URL that you are going to read, and then doing some trimming by removing the unnessescary lines and stuff and then reading the src attribute of the profile picture image (wherever the pfp is normally located in terms of the HTML page structure).
I’m using a similar method to get the title of a website by getting a website’s source code (ex:“view-source:https://google.com”) then reading the content of the
<title>tag for my iframe powered browser project. What you could do is join “view-source:https://play.creaticode.com/users/” and the user id, and then read that to a variable (using the cloud block read page as markdown), then look for wherever the profile pic image of the user is (should be near like the about me section) and then get the URL of that image by reading thesrcattribute. Then you can display that image (via its URL) to a widget.@jeffreyrb03-gmail alr, I never would of actually thought to use view source to get the actual stuff instead of markdown, thx
-
@tyller_ To get a user’s pfp, you have to read their profile page HTML using their user id and then parse some stuff to get their profile picture from there (since profile pictures are public and are shown on that page).
You can get the HTML of a page by using the thing to get a page as markdown but putting “view-source:” before the URL that you are going to read, and then doing some trimming by removing the unnessescary lines and stuff and then reading the src attribute of the profile picture image (wherever the pfp is normally located in terms of the HTML page structure).
I’m using a similar method to get the title of a website by getting a website’s source code (ex:“view-source:https://google.com”) then reading the content of the
<title>tag for my iframe powered browser project. What you could do is join “view-source:https://play.creaticode.com/users/” and the user id, and then read that to a variable (using the cloud block read page as markdown), then look for wherever the profile pic image of the user is (should be near like the about me section) and then get the URL of that image by reading thesrcattribute. Then you can display that image (via its URL) to a widget.@jeffreyrb03-gmail it doesn’t work likely because it’s loaded after, I used my source bookmarklet and holy, CreatiCode can you guys plsssssssss use some css files, I’ma check forum pfps for it
Edit: find in my view source has found it in regular user profiles, but it’s too big of a source for it to actually bother scrolling me all the way there
Edit 2: nvm it shows that theres 1 of 1 found, but scrolls me to the top, but searching for the tag which is probably around the pfp url is the same result
<div component="post/signature" data-uid="255" class="post-signature">Check out my chat room project so you ppl can not use forums as chat rooms! https://play.creaticode.com/projects/66f2e1dcd1be43d82b886fbd?version=1 <p dir="auto">
</div>
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login