Closed EXtremeExploit closed 4 months ago
I would suggest using the data-click-show="#target" attribute for this instead of hacking it to use image templates. Also, you should probably also do this with the RSS endpoint shown in the settings as it uses the same API key.
Thanks for the suggestion, this is how it looks now: Api key:
rss feed:
TODO: all i have to do is the same for the RSS feed url
Before you begin
I understand my contributions may be rejected for any reason
I understand my contributions are for the benefit of Derpibooru and/or the Philomena software
I understand my contributions are licensed under the GNU AGPLv3
[x] I understand all of the above
Having the API key show in plain sight in the account page is bad practice, there would be risks of people accidentally leaking their API keys because they went to the account page to check something but showing the API key to the public in the process in the case they were sharing their screens or streaming on twitch. Currently the way i am doing this behaviour is super scuffed, having the box be treated as an image filter is super wrong but its the only way i could think of. Same goes for overriding the initial pass of actions possible to the element which were "unspoilering" the api key. If theres a better way to do this please tell so, i am very new to elixir/slime/this software, thanks!