halospv3 / gemini Goto Github PK
View Code? Open in Web Editor NEWConfigure SPV3 with this flavorful GUI frontend for HXE.
License: zlib License
Configure SPV3 with this flavorful GUI frontend for HXE.
License: zlib License
Variable | True | False | NOTE |
---|---|---|---|
ResolutionEnabled Checkbox | If True, resolutions can be set manually | If False, native resolution is used. Native resolution is required by the borderless display mode. | Enforces -vidmode parameter. |
V-Sync Checkbox | Does this enforce VidMode? Controls Halo's built-in V-Sync | Uncapped framerate unless otherwise stated by Chimera and GPU drivers | Recommendation: disable it and instead use GPU/dgVoodoo V-Sync |
GammaEnabled Checkbox | User can specify gamma value | Append -nogamma to game startup parameters |
Can be True or False in any Display Mode |
Elevated Checkbox | Work around mysterious crashes | Prevents Loader from applying Borderless hacks | Borderless Mode can be used if V-Sync is also false |
Display Modes | Implications |
---|---|
Fullscreen | Elevated/Admin permissions are usable. |
Window | Elevated/Admin perms are usable. |
Borderless | Forcefully uncheck and disable Elevated/Admin checkbox. Disables Halo's V-Sync, desktop double-buffering enforced. Native/desktop resolution required. |
Halo's built-in Double-Buffer V-Sync is horribly implemented, so it's recommended to disable it at all times.
DISPLAY MODE | PROCEDURE | NOTES |
---|---|---|
Full Screen | Manipulate GPU drivers' and dgVoodoo's Double-Buffering V-Sync settings instead. | Triple-Buffering is better, but the DX implementation of TB has little benefit over DB (OGL TB is good, though) and apps must be programmed to use it. See V-SYNC COMPARISON for more V-Sync preferences. |
Window/Borderless | Windows' desktop composition enforces Double-Buffer V-Sync. | Can be overridden by NVIDIA G-SYNC |
File dgVoodoo = new File;
File dgVoodooConf = new File;
/// The following can be used for any library that loads via D3D9.dll interception.
if (Exists(Combine(CurrentDirectory, "d3d9.dll")))
{
throw new Exception("Move d3d9.dll somewhere else. Move it to the mods folder if you still need to use it.");
}
if (Exists(Combine(CurrentDirectory, "mods", "d3d9.dll")))
{
var d3d9VerInfo = FileVersionInfo.GetVersionInfo(Combine(CurrentDirectory, "mods", "d3d9.dll"));
if (d3d9VerInfo.FileDescription.Contains("dgVoodoo"))
{
dgVoodooFound = true;
dgVoodooConf = Combine(CurrentDirectory, "mods", "dgvoodoo.conf");
}
else if (d3d9VerInfo.FileDescription.Contains("ReShade"))
{
// Recommend the user use dgVoodoo. If the user faces significant performance drops with it, tick it's "passthrough" checkbox.
// rename ReShade to dxgi.dll OR reshade32.dll
ReShadeFound = true;
// ReShade configuration?
}
}
// Does dgvoodoo.dll exist?
else if (Exists(Combine(CurrentDirectory, "mods", "dgvoodoo.dll")))
{
dgVoodooFound = true;
dgVoodooConf = Combine(CurrentDirectory, "mods", "dgvoodoo.conf");
}
Describe the solution you'd like
Manually updating the contents of HaloSPV3/HCE's latest.xml could lead to delayed update notifications or introduced human error into an otherwise automated Release pipeline.
Describe alternatives you've considered
I'd previously considered running a nightly Workflow in HaloSPV3/HCE to check each project for new releases, but that would hinder the rapid delivery of critical fixes. Updating the Update metadata from each repo's Release workflows made more sense in the end.
Additional context
HaloSPV3/HCE#240
A light-weight module that brings window.fetch to node.js
Library home page: https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.5.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/node-fetch/package.json
Dependency Hierarchy:
Found in base branch: main
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Publish Date: 2022-01-16
URL: CVE-2022-0235
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-r683-j2x4-v87g
Release Date: 2022-01-16
Fix Resolution: node-fetch - 2.6.7,3.1.1
Step up your Open Source Security Game with WhiteSource here
From https://www.reddit.com/r/halospv3/comments/oly5qb/can_not_run_the_installer_tt/
Is SPV3.3 installer run on 64 bit only? If It's true, then is there a manual way to install It because I'm using win7-32bit.
This will be a little tricky since it's an async operation.
Commit e213d7af had moved away from this idea (opting for executing in a separate process to show progress in a CLI) because the test-implementation at the time exhibited "screwy", unsatisfactory results.
The exact issue(s) will need to be listed here.
Ideas to try:
DownloadProgress = BytesDownloaded / BytesTotal;
CommitProgress = BytesWritten / BytesTotal;
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
MahApps.Metro
, Microsoft.SourceLink.GitHub
, Namchee/conventional-pr
, actions/checkout
, actions/setup-dotnet
, actions/setup-node
, actions/upload-artifact
, github/codeql-action
).github/workflows/ci.yml
actions/checkout v3
actions/setup-dotnet v3
actions/checkout v3
actions/setup-dotnet v3
.github/workflows/codeql-analysis.yml
actions/checkout v3
actions/setup-dotnet v3
github/codeql-action v2
github/codeql-action v2
windows 2022
.github/workflows/conv-pull-requests.yml
Namchee/conventional-pr v0.14.1
.github/workflows/release.yml
actions/checkout v3
actions/setup-node v4.0.0
actions/setup-dotnet v3
actions/upload-artifact v3
package.json
src/SPV3.csproj
Microsoft.Windows.Compatibility 7.0.0
MahApps.Metro 2.4.9
Microsoft.SourceLink.GitHub 1.1.1
GitVersion.MsBuild 5.12.0
In relation to HaloSPV3/HXE#215
https://twitter.com/VoidsShadow/status/1450000709890424834
Hear the lament of one who must maintain a single-file, self-extracting installer that has a 64-bit-only feature and must run on both 32-bit and 64-bit platforms.
https://twitter.com/VoidsShadow/status/1450401081809416198
I couldn't find a way to create an 'Any CPU' app with net5.0+ tools despite implications in its source code and documentation, so I'll have to split 64-bit-only features to a separate application or library that is stored in and later extracted from a 32-bit SPV3 Installer.
Formerly "Self-extract HXE.exe to parent directory when 'Loader' state is inferred"
Expose HXE CLI functionality and features via either/both an embedded Terminal host and/or wrapped command-line command/arguments.
The host would be embedded within an SPV3-themed GUI, similarly to our SPV3.Error UserControl.
PowerShell 7.2+ would be our preferred CLI host for its suggestions and completions, but most users will have PS 5.1 at best.
Invoking SPV3 with HXE arguments will cause cause SPV3 Loader to pass unsupported arguments to the embedded HXE assembly which will then react appropriately, whether that be by throwing NotSupportException or acting upon the recognized argument(s).
When Clicked to Enable...
MessageBox.Open("Applying compression to SPV3's folder will take a few minutes. Do you want to continue?")
In the message box, display a Confirm and a Cancel button.
https://www.reddit.com/r/halospv3/comments/o15p34/spv33_halo_ce_classic_windows_81_resolution/
Snyk
Job started: 12 November 2021, 02:52:26
Processed HaloSPV3/SPV3-Loader from GitHubFound ./src/SPV3.csproj [main] | No target frameworks detected in ./src/SPV3.csproj [main] View project
1 project created
Job completed: 12 November 2021, 02:52:27
> dotnet nuget push *.nupkg -s "github" -k ***
error: File does not exist (*.nupkg).
The GeneratePackageOnBuild property was removed from the project. Re-adding it should resolve the issue.
https://developer.valvesoftware.com/wiki/Steam_browser_protocol
If you want, you could add SPV3 to Steam via steam://AddNonSteamGame during the install procedure
Steam browser protocol
I'm wondering if there's a way to auto-set the three custom images as well
ooo this is interesting
https://developer.valvesoftware.com/wiki/Add_Non-Steam_Game
Add Non-Steam Game
so it would have to be done here
hmmm nifty
Contact Arecadian Fox and Jazz for the SPV3 Steam Library images.
Load SPV3 button is often disabled indefinitely after loading the game, requiring the user to restart the loader if the user wants to restart the game.
a package manager for JavaScript
Library home page: https://registry.npmjs.org/npm/-/npm-7.24.1.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/npm/package.json
Dependency Hierarchy:
Found in base branch: main
The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json.
Publish Date: 2021-11-13
URL: CVE-2021-43616
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-43616
Release Date: 2021-11-13
Fix Resolution: npm - 8.1.4
Step up your Open Source Security Game with WhiteSource here
This would help users a little if the update server is changed again.
Resolved with the release of HaloSPV3/HXE.DRP v1.0.5
I'll close this issue after confirming it is packaged with Loader releases.
Add Firefight maps and images.
Needs new Discord API servicing host.
There may be an issue with writing to and closing the file.
...do I need to manually close the file/handle?
This has been a thorn in my side for far too long.
7z's syntax sucks.
Workflow variable de-reference syntax is different depending on the context i.e. ${{ env.TFM }} is sometimes correct, but it's wrong in other cases.
publish
.Compress-Archive
funny joke
Although I really like two and three, four and five are clearer.
Five is the best compromise between clarity and poop jokes...
Updates should be lightweight and have as few files as possible.
Rampant usage of Reflection and dynamic references e.g. getting a type name from a string.
SingleFile is said to not be supported on Windows 7. Does this include Windows 7 SP1? Condition="'$(PublishSingleFile)' == 'true' and $(RuntimeIdentifier.StartsWith('win7-'))"
throws Error NETSDK1180
Does the DotNet Core 3.1 style of SingleFile work? This extracts the dependencies to a temporary file location instead of loading directly from the main file. The compiler checks don't care. See previous point.
XML serialization depends on Reflection.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: SPV3-Loader/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0
Step up your Open Source Security Game with WhiteSource here
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: SPV3-Loader/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
Step up your Open Source Security Game with WhiteSource here
JSON Schema validation and specifications
Library home page: https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/npm/node_modules/json-schema/package.json
Dependency Hierarchy:
Found in base branch: main
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Publish Date: 2021-11-13
URL: CVE-2021-3918
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3918
Release Date: 2021-11-13
Fix Resolution: json-schema - 0.4.0
Step up your Open Source Security Game with WhiteSource here
e.g.
<TrimmerDefaultAction>link</TrimmerDefaultAction>
<ProjectReference Include="ext/HXE/src/HXE.csproj" />
<!-- Analyze the whole library, even if attributed with "IsTrimmable" -->
<TrimmerRootAssembly Include="HXE" />
- SPV3.csproj
+ SPV3-Loader.csproj
- SPV3.Main()
+ SPV3.Loader.Main()
npm install @semantic-release/release-notes-generator -D
npx @semantic-release/release-notes-generator
- initialize change logWhen all is done, the change log will be updated and committed during every CI run of semantic-release.
Currently, all of them are rendered simultaneously with Activation on top.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: SPV3-Loader/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
Step up your Open Source Security Game with WhiteSource here
Regular expression for matching ANSI escape codes
Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz
Path to dependency file: SPV3-Loader/package.json
Path to vulnerable library: SPV3-Loader/node_modules/npm/node_modules/cli-table3/node_modules/ansi-regex/package.json
Dependency Hierarchy:
Regular expression for matching ANSI escape codes
Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz
Path to dependency file: SPV3-Loader/package.json
Path to vulnerable library: SPV3-Loader/node_modules/ansi-regex/package.json
Dependency Hierarchy:
Regular expression for matching ANSI escape codes
Library home page: https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz
Path to dependency file: SPV3-Loader/package.json
Path to vulnerable library: SPV3-Loader/node_modules/string-width/node_modules/ansi-regex/package.json,SPV3-Loader/node_modules/npm/node_modules/string-width/node_modules/ansi-regex/package.json
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
Publish Date: 2021-09-17
URL: CVE-2021-3807
Base Score Metrics:
Type: Upgrade version
Origin: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994/
Release Date: 2021-09-17
Fix Resolution: ansi-regex - 5.0.1,6.0.1
Step up your Open Source Security Game with WhiteSource here
They broke when MahApps.Metro package was upgraded
See https://mahapps.com/docs/guides/migration-to-v2.0#old,
https://mahapps.com/docs/guides/migration-to-v2.0#new
D:\Repos\spv3-loader\src [main ≡ +0 ~4 -0 !]> dotnet publish '.\SPV3.csproj' -r 'win10-x86'
Microsoft (R) Build Engine version 17.0.0-preview-21460-01+8f208e609 for .NET
Copyright (C) Microsoft Corporation. All rights reserved.
D:\Repos\spv3-loader\src\SPV3.csproj(3,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
D:\Repos\spv3-loader\src\SPV3.csproj(3,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
Determining projects to restore...
D:\Repos\spv3-loader\src\SPV3.csproj(3,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
D:\Repos\spv3-loader\src\SPV3.csproj(3,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
Restored D:\Repos\spv3-loader\ext\hxe\src\HXE.csproj (in 703 ms).
Restored D:\Repos\spv3-loader\src\SPV3.csproj (in 703 ms).
D:\Repos\spv3-loader\src\SPV3.csproj(3,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
You are using a preview version of .NET. See: https://aka.ms/dotnet-core-preview
0. GitVersion cannot determine the next version in shallow reposistories.
We will use Git to determine if the current repository needs to be un-shallowed.
Checking if Git is available...
1. Git was found.
It is git version 2.33.1.windows.1 at...
D:\Apps\Git\cmd\git.exe
2. Checking if repository is shallow...
3. Repository is complete. Proceeding to Build...
0. GitVersion cannot determine the next version in shallow reposistories.
We will use Git to determine if the current repository needs to be un-shallowed.
Checking if Git is available...
1. Git was found.
It is git version 2.33.1.windows.1 at...
D:\Apps\Git\cmd\git.exe
2. Checking if repository is shallow...
3. Repository is complete. Proceeding to Build...
C:\Users\Noah\.nuget\packages\gitversion.msbuild\5.7.0\tools\GitVersion.MsBuild.targets(134,9): warning : File contains assembly version attributes which conflict with the attributes generated by GitVersion obj\Debug\net5.0-windows\win10-x86\AssemblyInfo.g.cs [D:\Repos\spv3-loader\ext\hxe\src\HXE_5xahz2ov_wpftmp.csproj]
HXE -> D:\Repos\spv3-loader\ext\hxe\bin\Debug\net5.0-windows\win10-x86\HXE.dll
D:\Repos\spv3-loader\src\SPV3_qpdb5yod_wpftmp.csproj(11,3): warning MSB4011: "D:\Repos\spv3-loader\src\Directory.Build.props" cannot be imported again. It was already imported at "C:\Program Files\dotnet\sdk\6.0.100-rc.1.21463.6\Current\Microsoft.Common.props (33,3)". This is most likely a build authoring error. This subsequent import will be ignored.
0. GitVersion cannot determine the next version in shallow reposistories.
We will use Git to determine if the current repository needs to be un-shallowed.
Checking if Git is available...
1. Git was found.
It is git version 2.33.1.windows.1 at...
D:\Apps\Git\cmd\git.exe
2. Checking if repository is shallow...
3. Repository is complete. Proceeding to Build...
HXE -> D:\Repos\spv3-loader\ext\hxe\bin\Debug\net5.0-windows\win10-x86\HXE.dll
C:\Users\Noah\.nuget\packages\gitversion.msbuild\5.7.0\tools\GitVersion.MsBuild.targets(134,9): warning : File contains assembly version attributes which conflict with the attributes generated by GitVersion obj\Debug\net5.0-windows\win10-x86\AssemblyInfo.g.cs [D:\Repos\spv3-loader\src\SPV3_qpdb5yod_wpftmp.csproj]
SPV3 -> D:\Repos\spv3-loader\bin\Debug\net5.0-windows\win10-x86\SPV3-Loader.dll
SPV3 -> D:\Repos\spv3-loader\bin\Debug\net5.0-windows\win10-x86\publish\
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: SPV3-Loader/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
Publish Date: 2020-05-19
URL: CVE-2020-7656
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-q4m3-2j7h-f7xw
Release Date: 2020-05-28
Fix Resolution: jquery - 1.9.0
Step up your Open Source Security Game with WhiteSource here
It aint working.
Toss it in the bin.
Toss the bin into dense, rapid traffic. Maybe onto a freeway or something.
Point, laugh, and cry.
This GUI framework aids in the creation of Metro-styled GUIs. It is dependent on Window Presentation Framework.
This will be especially difficult to resolve.
Migrate from WPF to Avalonia
A. Try mingling UNO with our dependencies, though that probably won't resolve MahApps.Metro's WPF dependency nor WPF's dependency on Windows runtimes.
B. Completely migrate away from MahApps.Metro and WPF to Avalonia, GTK#, QtSharp, Qml.NET, or UNO.
See HaloSPV3/HXE#217
Unix OSes don't use the Win32PE EXE format. As such, there won't be a Steam.exe to locate.
A. If System.Environment.OSVersion.Platform
returns PlatformID.Unix
, prompt the user to locate a 'Steam' assembly without requiring a file extension.
B. Allow the user to input the path to 'halo1.dll'. This would require the least amount of development time, but it forces more work upon the user if they choose this method to validate ownership of "Halo CE". As usual, the frontend would be implemented in SPV3
using the pre-existing backend in HXE
.
There are two routes we can take to resolve this issue.
Platform-dependent code paths will be determined at runtime. This implies the following:
System.Environment.OSVersion.Platform
to determine which OS we're running on. In most cases, we'll see either Win32NT
or Unix
. All possible values.// This example demonstrates the PlatformID enumeration.
using System;
class Sample
{
public static void Main()
{
string msg1 = "This is a Windows operating system.";
string msg2 = "This is a Unix operating system.";
string msg3 = "ERROR: This platform identifier is invalid.";
// Assume this example is run on a Windows operating system.
OperatingSystem os = Environment.OSVersion;
PlatformID pid = os.Platform;
switch (pid)
{
case PlatformID.Win32NT:
case PlatformID.Win32S:
case PlatformID.Win32Windows:
case PlatformID.WinCE:
Console.WriteLine(msg1);
break;
case PlatformID.Unix:
Console.WriteLine(msg2);
break;
default:
Console.WriteLine(msg3);
break;
}
}
}
/*
This example produces the following results:
This is a Windows operating system.
*/
Formerly tracked in HaloSPV3/HCE#249.
Some users want this because they are on very low-end PCs. Decal settings hit the hardest due to an issue in the DX9 pipeline since WinVista.
The quantity of decals in a scene drastically affects performance even on modern high-end systems.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: SPV3-Loader/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 339c233f38fb804a26d33861aeb9011ccea53d79
Found in base branch: main
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.