API exploits patched

A handful of issues where the backend API does not verify the validity of requests has been patched. These issues were noticed by @zenka and brought up in the following threads.

In addition, this patch contains other minor fixes, including an issue where the ‘loser’ is listed as the winner when match data is serialized

Clone Round In New Tab dost not work at the moment, (probably related to the above patch?)
it keeps loading and the console log is full with:

playground.js:483 try connection 1894
playground.js:483 try connection 1895

This is minor and may be old:
First time when you JOIN a weekly competition, your algo list is empty:

It is supposed to load after a second or so, but does not load if you have just joined.
works fine if you refresh the page, or visit it again.

1 Like

This seems to be working for me, could you check again?

Created a ticket for this, expect it to be resolved within a week or two

Clone in new Tab does not find connection:

  • go to my algos page, pick one algo and load the latest match

    • Alternatively, Open the play ground select play by hand, by hand.
  • click Clone In new tab (even before starting the match or anithing else)

  • -> New tab / window is oppened but it keeps loading. Print in the console keeps saying:

    ebSocket connection to '<URL>' failed: WebSocket is closed before the connection is established.
    playground.js:483 try connection 824
    playground.js:483 try connection 825

It might be account Related. My Account does not have Team, and did not perticipate in teams recently.
Also admin flag is False for me :slight_smile:

1 Like

First I had a different issue when I hit clone in new tab, but then I cleared the localStorage and now I am having the same issue as demorf describes.

Ok interesting, ill double check what got put out with this because I didnt expect it to impact playground. But ya, ill definetly double check now.

This issue was resolved on Friday

This does not appear to be happening right now. This page was completely redone with the update, so it is probably not still relevant. I will be marking it resolved since I couldnt replicate it.