tkanos https://twtxt.net/user/tkanos/twtxt.txt Remove
eaplme https://eapl.me/twtxt.txt Remove
eaplmx https://eapl.mx/twtxt.txt Remove
lyse https://lyse.isobeef.org/twtxt.txt Remove
prologic https://twtxt.net/user/prologic/twtxt.txt Remove
rrraksamam https://twtxt.net/user/rrraksamam/twtxt.txt Remove
darch https://neotxt.dk/user/darch/twtxt.txt Remove
shreyan https://twtxt.net/user/shreyan/twtxt.txt Remove
movq https://www.uninformativ.de/twtxt.txt Remove
bender https://twtxt.net/user/bender/twtxt.txt Remove
stigatle https://yarn.stigatle.no/user/stigatle/twtxt.txt Remove
darch http://darch.dk/twtxt.txt Remove
xuu https://txt.sour.is/user/xuu/twtxt.txt Remove
jason https://jasonsanta.xyz/twtxt.txt Remove
mckinley https://twtxt.net/user/mckinley/twtxt.txt Remove
eapl-mes-7-daily-links https://feeds.twtxt.net/eapl-mes-7-daily-links/twtxt.txt Remove
sorenpeter
Reply to #ressqqa
I think is part of the code by @eapl.me that I have based my project on. So try to ask him.
7 months ago
💬 Reply
eapl.me
Reply to #peqf4kq
hey @mckinley !
Perhaps your VPN or an extension is injecting some kind of verification before using the site?
The original development doesn't use JavaScript at all, and has 2 cookies for session managing, short term for guests and long term for the admin (perhaps that has to be changed with current European regulations, not sure)
@darch you could add HTTPS to your site to avoid external services injecting JS to the HTML. I bought a SSL certificate for my shared hosting, sadly it doesn't support Let's Encrypt.
But if an extension is doing that, I think there is not much to do from our side.
7 months ago
💬 Reply
xuu
Reply to #peqf4kq
@eapl.me are ISPs still injecting code into HTTP in this the year 2023? I remember getting notices that my comcast modem is out of date pushed into websites back a decade ago.
7 months ago
💬 Reply
mckinley
Reply to #peqf4kq
@eapl.me There is HTTPS but it doesn't seem to be enforced. My browser always connects with TLS if it's available and the message is present with or without TLS or extensions, even when using cURL. I would notice if my VPN service injected things like this because I disable JavaScript and cookies by default. I think it's unlikely I'm being MiTMed because the certificate is definitely from Let's Encrypt. Also, I don't see the point in MiTMing me just to put a JavaScript challenge on someone's personal website.
I still think it's a hosting provider thing. It doesn't really matter to me, I'm just curious.
7 months ago
💬 Reply