@hidgw final words after tests & research: too many security potential problems. I’m removing “data:” from the list of allowed protocols :)

@hidgw Hmm, also browser limitation it seems. Apparently it’s OK to access a data URI, but not to get redirected to one.

@hidgw using YOURLS current trunk, out of the box: ozh.in/datauri The problem you’ll have is simply too long URLs for server config

@hidgw hmm indeed. I’ll check that

@hidgw oh, sorry, I read too quickly. The short URL keyword has a 2000 char limit, the long URL has 65535

@hidgw no, just one I pick because you have to specify a format in databases. Seemed larged enough

@amitgupta that’s the idea anyway

@aenertia … that no one on shared hosting can manage to set up. Hence a WP plugin. The “right” way is only to change the default login.

Limit Login Per Account & Per Timeframe: a WordPress plugin to make sure no botnet tries ‘admin’ from 1,000,000 IPs. Any one fancy do this?

The good WordPress news of the day: plugin Limit Login Attempts’ number of installs is rocketing :)

Reading your git commit log this way makes things very much more awesome: starlogs.net/#yourls/yourls

@AmonAmarthBand so awesome that you guys are Redditors :)

Wow hyperlapse.tllabs.io/ is insanely impressive …

@ajsdallas and a catch-all domain I guess?

@codersumo neat! But still can’t do more than solving 1st problem?

@ajsdallas it’s explained in the wiki

Exxxxcellent initiative. Must read! Must find :) RT @joncave: Review an intentionally vulnerable plugin: make.wordpress.org/plugins/201…

@blegueni boah, qualité 6 dollars quoi. Très fin. Je pense qu’il sera informe au bout de 4 lavages, au mieux.

@Zombieece not sure why I followed you in the first place, but I’m happily adding you to ignore list right now. Stupid spam.

@modeknit typically if you’re wondering “wtf??!” is just because you’re not the target for this product :)