What you are saying is interesting. Thanks for bringing this up.
Coincidently, I was looking into this before I saw your post here on gfy!
Models (or someone on their behalf) can indeed write javascript (or reuse existing code) that will be executed at runtime when they broadcast
This is open source and I don't see any "cookie" manipulation, though they can obfuscate the code. I would also imagine cb would filter out such code but who knows.
I believe you have a point and it is good to see the discussion broadening but our answers might be simpler:
It seems it is in Chaturbate's interests to encourage customers to move to chaturbate.com and away from your domain: after all, revenue they make off ads is lost on whitelabels.
That would explain why they are not in a rush to fix the bugs I mentioned related to the co-branding and that also answers all our questions: why isn't Chaturbate doing anything about models enticing members to join cb through their links: of course it is fraudulent but only webmasters lose. Chaturbate, models and all who participate in their game are winners.
(Oh and if you don't use whitelabels, then clara will take care of your whales
)
In case you are wondering why they produced a whitelabel platform in the first place: everytime you push traffic to your whitelabel, Google is seeing it as "traffic to chaturbate.com" because of the canonical URL. You do the SEO for them. And then the leaks do the rest.
I think the biggest concern we have is:
- conflict of interests.
Models know the whales, and they can reach out to them easily (which is why we need a robust system and known workflow)
+ Everyone is an affiliate: webmasters, room moderators, studio, brocasters, possibly staff
other concerns:
- we don't know for sure the workflow (binding by username only or by user?, cross domain cookie rule, ..)
- we don't know if a previous workflow has been modified, who would proactively tell us
- no communication with customer service
- we were told to report models who planted their links on the site, specifically overlays. Nothing is done
- bugs / poor branding on mobile
Quote:
Originally Posted by MFCT
I was researching about modifying model profiles and adding custom themes. Not that I'm interested in doing it. I'm just trying to find out exactly what can be done. The info out there is a bit sparse.
It seems the HTML for profile pages can be edited, modified, and customized. This is a great thing for allowing models to make their profiles unique. But can scripts also be added, or sneaked into the HTML?
The reason I ask is: chaturbate.com sets cookies. Now if someone were to load a customized model profile with an added sneaky script, could this script potentially overwrite pre-existing cookies with an entirely different set of cookies? And/or potentially alter the expire time of pre-existing cookies to "Now", causing the browser to immediately delete them?
I suppose the browser would allow these scripts to execute without throwing a red flag, since these requested actions are coming from the same domain that set the original cookies.
I'm just guessing here because I know nothing about it and could be completely wrong (and probably am). But I thought I'd throw this out there for discussion. Hopefully someone who knows better can correct me.
|