get_upload api is fucked #353

@PF94

https://squarebracket.pw/api/v3/get_upload?id=9vbOjtCunZV

{"id":"9vbOjtCunZV","title":"hi","description":"hi","author":{"username":"logan","displayname":"logan","color":"#3399cc","joined":1612069200,"connected":1724340655,"powerlevel":1,"flags":{"fulptube_account":false,"unverified":true,"featured":false,"profile_customization_enabled":false}},"uploaded":1612029600,"views":15,"file":"beaef5ec-78bb-4d8e-b618-6c90cc3eb93d.converted.mp4","type":0,"tags":[]}

well, this is embarrassing. there are so many things wrong with this:

  1. in the case of pre-november 2024 video uploads, it returns a bullshit filename based off bunnycdn video streaming guids (due to a seldom-used db column). bunnycdn support was gutted in november 2024.
  2. due to the userdata class now handling user flags, this exposes internal flags (fulptube account flag and unverified). there is no api to fetch a specific user however so this can't really be used as a way to, as an example, abuse verifications on fulptube/sb.
  3. this upload's author is banned, it should return an error indicating so, yet it doesn't??? this also applies to taken down uploads.
  4. while not shown in this example, tags are fucked. it's json but gets encoded into a string???
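
Added example, not part of the issue or the project's code: one way to build the response so that points 2 to 4 above are handled, with an allowlist for author fields and flags, an error body for banned authors and taken-down uploads, and tags decoded to a list. The function names, the `banned` and `taken_down` fields, the error strings and the choice of which flags are public are assumptions; point 1 (the filename column) is not covered.

```python
import json

# Allowlists: a field added to the user object later stays private by default.
PUBLIC_AUTHOR_FIELDS = ("username", "displayname", "color", "joined",
                        "connected", "powerlevel")
# Assumption: these two flags are meant to be public. The issue names
# fulptube_account and unverified as the internal ones.
PUBLIC_FLAGS = ("featured", "profile_customization_enabled")
UPLOAD_FIELDS = ("id", "title", "description", "uploaded", "views", "file", "type")


def decode_tags(raw):
    """Return tags as a list even if the column holds a JSON-encoded string."""
    if isinstance(raw, str):
        try:
            raw = json.loads(raw)
        except ValueError:
            return []
    return raw if isinstance(raw, list) else []


def public_author(author):
    """Copy only allowlisted author fields and flags into the response."""
    out = {k: author[k] for k in PUBLIC_AUTHOR_FIELDS if k in author}
    flags = author.get("flags", {})
    out["flags"] = {k: flags[k] for k in PUBLIC_FLAGS if k in flags}
    return out


def serialize_upload(upload, author):
    """Build the get_upload body, or an error body for hidden uploads."""
    # 'taken_down' and 'banned' are hypothetical field names.
    if upload.get("taken_down"):
        return {"error": "upload_taken_down"}
    if author.get("banned"):
        return {"error": "author_banned"}
    body = {k: upload[k] for k in UPLOAD_FIELDS if k in upload}
    body["author"] = public_author(author)
    body["tags"] = decode_tags(upload.get("tags"))
    return body


# Constructed sample rows, not real data.
SAMPLE_AUTHOR = {"username": "demo", "displayname": "demo", "color": "#3399cc",
                 "joined": 1, "connected": 2, "powerlevel": 1, "banned": False,
                 "flags": {"fulptube_account": False, "unverified": True,
                           "featured": False, "profile_customization_enabled": False}}
SAMPLE_UPLOAD = {"id": "abc", "title": "hi", "description": "hi", "uploaded": 3,
                 "views": 15, "file": "abc.mp4", "type": 0, "tags": '["demo", "test"]'}
```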

Labels: bug (Something isn't working)
