Comments (3)
This may all be true, but what other choice do we have? If Discord cared to make an easy way for client mods to inject, or just plugin/theme support in general, this wouldn't be a problem. But by fighting client mods, they give users the choice to allow the Discord app to have a fraction of its usefulness or have reduced security. Not to mention client mods have to use the same injection methods as malware, which hurts our reputation and blurs the line between good and bad Discord modifications. I can't tell y'all what to do, but if you really care about client mod users' security, you could just add official support for some of the things we've had to awkwardly patch in for years.
from enhanceddiscord.
Note: I don't mean to be hostile to you (night) or any other Discord employees, I was just trying to point out that it's a bit ironic to give suggestions to projects that you generally don't support/advocate against using. I just assumed that the reason for creating this issue was to call out client mods as being insecure, but I understand now you were just trying to help. No hard feelings.
Anyway, as for the issues themselves, I'm not interested in fixing them for a few reasons:
- These are mostly carried over from BD, so I don't remember why exactly each of these options were changed.
- The CSP is probably the most likely to be abused, so I'd love to just re-enable it and prevent any non-Discord remote scripts from loading, but that would break themes and many BD plugins.
- Reverting these changes or implementing alternative solutions would require testing with many different plugins, including BD plugins. I don't have time to figure out what the alternatives are or do said testing, hence the "help wanted" label.
For reference, powercord-org/powercord#386 has more info and discussion about these issues.
from enhanceddiscord.
Accounted for and partially fixed by last update, EnhancedDiscord has cut off updates, and all remaining official support will terminate April 12th.
from enhanceddiscord.
Related Issues (20)
- Character count (beta) needs to be rewritten
- Colorblindness accessibility issue in theme_v2.css included from default style.css HOT 1
- Tag All needs to be rewritten
- All channels are shown in the channel list. HOT 1
- TypeError: Cannot read property 'contextMenu' of null HOT 2
- When visiting an nsfw hidden channel, and the user hits confirm. The client will still try to load the channel messages instead of just showing a warning HOT 2
- Client still tries to load hidden channel if it was the last selected channel
- EnhancedDiscord no longer works on latest Discord version HOT 6
- Doesn't work with the latest version of discord, in Linux. HOT 11
- Unable to change ED settings from the settings page
- Can't watch streams on Linux HOT 1
- Please allow us to enable win32 themes HOT 3
- Site is down HOT 3
- BetterDiscord plug-ins not working due to recent changes HOT 8
- Can't go into settings on ED HOT 3
- Hidden Channels aren't working HOT 1
- Discord crashes upon using SHIFT+ENTER shortcut. HOT 12
- Discord 0.0.309 will immediately crashed after pasting url HOT 2
- Archive the repo so no more Issues and PR can be made, and close existing ones HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from enhanceddiscord.