Another discussion gave me an idea: why not add an optional field that holds the URL (prefix) of the page that is expected to bring someone to a giveaway? This could be a forum post, an itstoohard page, another giveaway, etc. SG will then check if the user arrived at the giveaway from that particular page, and if not will not let the user enter the giveaway page.

This way anyone wanting to make sure that a link to a private giveaway isn't made public will have an easier time.

9 years ago

Comment has been collapsed.

But it's too easy to fake referer

9 years ago
Permalink

Comment has been collapsed.

How easy is it? If it's something that requires even a bit of knowledge or extra work, it will likely help to at least an extent.

9 years ago
Permalink

Comment has been collapsed.

Pretty much easy.. Referer Control

9 years ago
Permalink

Comment has been collapsed.

Yeah, ultra easy ^^

9 years ago
Permalink

Comment has been collapsed.

As a comment for the addon says, it fails to change document.referrer. (I verified that's the case.)

That said, now that I've tested with Chrome, I see that unlike Firefox is doesn't provide the referring page (just the site), which would limit the usefulness of this idea.

9 years ago
Permalink

Comment has been collapsed.

Useless. All the cheater has to do is copy the link, open the new tab/window, paste, hit enter. Clean referer done.

9 years ago
Permalink

Comment has been collapsed.

Just tried it in Firefox. Didn't work (got no referrer).

9 years ago
Permalink

Comment has been collapsed.

So, what would you do if you got no referrer? I don't the idea of blaming someone for not having referer... And if you allow no-referer - the whole idea loses sense...

9 years ago
Permalink

Comment has been collapsed.

It's not "blaming". The user will simply get a message along the line of: "this giveaway page can only be accessed by following the relevant link from itstoohard (/SG/...)".

9 years ago
Permalink

Comment has been collapsed.

Well, this way it has no sense at all. 6 out of 5 users would spoof referer in this case.

9 years ago
Permalink

Comment has been collapsed.

horrible idea. First of all some users may have disabled hyperlinks for security measures (you cannot click malicious link by accident), some users may have malware issues that load tem crap pages and thus gives false ref results. And another thing - users using anonimity scripts and solutions (for whatever reason, maybe there is censorshiop of the internet in their country?) will have ref cleared by default all the time for security reasons.

9 years ago
Permalink

Comment has been collapsed.

Also user doesn't neccessary enter your GA the moment he finds it. He may have 0p left, just bookmark page to visit it later on.

9 years ago
Permalink

Comment has been collapsed.

Can be circumvented by letting a user access the page one he's done it once, but granted that would complicate the implementation.

9 years ago
Permalink

Comment has been collapsed.

A lot of ppl clears cookies together with other stored data the moment they close thebrowser. In such a case he/she would no longer have access to page he's been on once. Next - what about ppl who share their Chrome on different devices? I got into GA page on my workstation in work, I have browser synchronized with my other devices, try to access GA in home, cannot it's weekend, so it's 3 days untill I have access to my workstation and then GA from puzzle I solved is over.

Other solution than using browser storage would be storing data for each separate user server-side, but it woud get massive very fast. Think of how many GAs you view a single day. Now add the fact thet there are surely some users who view een more. And each such a data must be recorded and stored, each timeany user view any private GA it must be queried. Like we didn't have enough lag issues on SG already :/

9 years ago
Permalink

Comment has been collapsed.

For the server-side solution, how many giveaways with a referrer limitation would one view a day? Surely a small number.

For the cookie solution, I would imagine that once you know how to reach the page, recreating these steps at home won't be a huge deal. Yes, it would be a tad less convenient, but not a deal breaker by a long shot.

9 years ago
Permalink

Comment has been collapsed.

you can visit quite a lot of them - because users may just tick the option on not only for puzzle reasons - just for trolling, or to stalk their entrants or for whatever other reason.

While you're consider implementing anything from development point opf view you should always not only think of how it will work if used properly, but also on how will it can work in other circumstances, how can it impact my system in worst case scenario. And worst case scenario here is for example all ppl making trains or event GAs - each with tens of private GAs accessible to anyone having hundreds of entries in a day, even more views, just ticking this option for the sake of trolling.

Repeating your steps hugely depends on the formula of the puzzle what if one steps was solving an ultra hard jugsaw you spent hour working on? What if it was a freaking bruteforce ITH? What if it was a labyrinthe puzzle with multiple GAs hidden all over the labyrinthe? And many others.

9 years ago
Permalink

Comment has been collapsed.

Nice attitude guys....

9 years ago
Permalink

Comment has been collapsed.

yeah, shame on them for pointing the flaws in a suggestion

9 years ago
Permalink

Comment has been collapsed.

what do you mean? me and morikalina just presented OP with constructive arguments why his idea would not work.

If you say "sky is green with pink dots" and I say to you "no, look outside the window, it's blue" you'd comment about my "nice attitude" as well?

9 years ago
Permalink

Comment has been collapsed.

But he didn't say "sky is green with pink dots" he suggested that maybe we could colour the sky green with pink dots, there is a difference. Instead of trying to understand if OP had some solution to the obvious problems, you instead waste time pointing them out and call the idea useless without offering any ideas yourself...

9 years ago
Permalink

Comment has been collapsed.

we pointeed out problems, it is not neccessary nor our job to mandatory propose our ideas each time we say something won't work. OP proposed "solutions" and we countered why such a solutions would be bad as well. Noone called each other names, noone used vulgar language, all we did was point out flaws of the idea. Pointing out facts against someones idea is neither nice nor rude. It's simply how any discussion works.

9 years ago
Permalink

Comment has been collapsed.

Indeed it isn't necessary to propose your own ideas, but does it take so much more time or effort? If you want it to be a discussion then that is the most efficient way to start it. Well, I posted it when OP hadn't proposed "solutions" and it feels kind of bad when your idea is called useless...

9 years ago
Permalink

Comment has been collapsed.

Well, I cannot propose my own solution simply because I don't have any. I don't see a proper way to implement such a system that wouldn't be flawed or harmful towards honest solvers, as I pointed and explained why in my discussion with OP.

It may feel bad to find out that your idea is useless, but well - if it is then it is. So it is useless in protecting from cheaters, and only measures OP could think about are harmful towards honest users. And I will be always against harming honest users in the name of fighting of cheaters (that's basically the same as let's say invasive DRM in video games).

9 years ago
Permalink

Comment has been collapsed.

I don't know if you have understood or not, but I agree with you, I just don't understand why waste time to come here and say the idea is useless, instead of doing something more worthwhile

9 years ago
Permalink

Comment has been collapsed.

because that's how the community works ;) You interact with ppl - both in case you agree with then and when you do not :)

It may vary from person to person, but I don't see community activity, interaction with other ppl as a waste of time ;)

9 years ago
Permalink

Comment has been collapsed.

good idea, i also understand the motivation for this idea...but as mentioned ....it would not work, probably cause even more errors for honest puzzlers, cause the use addons, browsers or whatever that are not compatible with tracking.

9 years ago
Permalink

Comment has been collapsed.

Can you give me examples of addons and browsers which are not compatible with this?

Edit: I found that Chrome only gives the site for referrer, not the full URL, which would make it much harder.

9 years ago*
Permalink

Comment has been collapsed.

all kind of antivirussoftware , browsers and addons that generally block referers or even certain kind of scripts within linksIf you have two different domains/sites whatever that interact this way, it´s likely that some users get problems...cause those links are potentially suspicious for many ad-blockers and so on. The only way to get a clean solution would be a integrated system with some kind of user-authentication....but.honestly thats impossible

edit:
and for the puzzles cases....even if you would manage such a complicated system, that really only allow people that e.g. solved a puzzle to get to the giveaway....how do you prevent people to share solutions.......it´s an awful imagination, that on the end probably many honest people to not enter the ga, cause technical hurdles....but sharing-cheaters do

9 years ago*
Permalink

Comment has been collapsed.

easy example - any anonimity software. If you're for example using a TOR Browser (because maybe there is censorship of the internet in your country and it's the only way you can surf freely) you will have all referers cleared by default for your own security (you don't want to go to prison just because you wanted to have access to let's say google or YouTube, do you?)

9 years ago
Permalink

Comment has been collapsed.

Sign in through Steam to add a comment.