by avargas 4187 days ago
I hope Stripe developers didn't write this code. I got the movie for free, jesus ... http://imgur.com/a/hf8FZ - and I didn't get a job after my interview with Stripe earlier this year.
12 comments

Oof. You found a legitimate bug with their integration -- they've now fixed it.
"we couldn't agree on compensation" is how I like to phrase it
I've found a second method to see the movie for free.

Step 1) Go to https://twitter.com/search?q=seetheinterview.com%2Fplayer%2F

Step 2) Click on a link to seetheinterview.com's player

Step 3) Either use a USA VPN or enter the '403 Forbidden' URL into a USA web proxy such as http://www.usawebproxy.com/

Not bad. Works.
No more.
1) Open up the Chrome developer tools

2) On the sources tab, set a breakpoint @ line 69, the one saying "if ( response == 'lacey' ) {"

3) Reload the page

4) Open the console tab, type response = 'whatever'

5) Go back to the sources tab and hit the Play button

6) Enjoy movie
Anyone feel like this is Sony testing The Internet on how we behave if they give us nice things, like streaming movies online right when they are released without DRM?
As long as they exclude from their statistics people who they refuse to sell their product to.
If it was Sony it would not be a surprise after that complete failure to protect their network.
There is much more to a hire than just technical ability (e.g., personality fit, overqualified, will they stick around, etc.)
What's the idea with the 50% chance of using one or the other key?
It must've been broken on the server too then? I call BS...

The way Stripe checkout works, that token is passed to your server and you do an API request to Stripe with the token. The token merely represents your card. The charge is done on the server.

I'll take the downvote rather than pile-on with criticism that is almost certainly misplaced. I find it very unlikely the GP downloaded the movie for free. If I'm wrong, I'll gladly retract, but the presence of the test key in the comments is hardly an indication that it'll work on the server.

It looks like the secret code was the test code, which accepts test cards:

4242424242424242 for Visa

And rejects test cards:

card_declined: Use this special card number - 4000000000000002.

You would think if you're using the live secret code server side it would reject charge tokens coming from the public test code.

edit: To be clear I haven't tested this and don't have time today with xmas and such.

Like sah88 says, on the server when you connect to Stripe with your prod secret key, it will reject tokens made on your test key.
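
The flow described in the comments above (the token is created in the browser, the charge is made on the server, and a live secret key rejects tokens made with the test key) means access should depend only on what the server learns from Stripe, never on a value the browser can change. As an added example that is not part of the thread or of the site's code: a server-side gate over a Charge object the server has already retrieved, where `mayGrantAccess`, the order shape and the sample charges are all hypothetical.

```javascript
// Added example: decide on the server whether a Stripe Charge unlocks content.
// paid, livemode, amount, currency and refunded are Stripe Charge fields;
// mayGrantAccess, the order shape and the sample data are hypothetical.

function mayGrantAccess(charge, order, expectLive) {
  if (!charge || charge.object !== 'charge') {
    return { ok: false, reason: 'not a charge object' };
  }
  if (charge.paid !== true) return { ok: false, reason: 'charge not paid' };
  if (charge.refunded === true) return { ok: false, reason: 'charge refunded' };
  // A test-mode charge moves no money, so it must not unlock paid content
  // on a production server (expectLive === true).
  if (charge.livemode !== expectLive) {
    return { ok: false, reason: 'mode mismatch' };
  }
  // Compare against the server's own price, not anything sent by the client.
  if (charge.amount !== order.amount ||
      String(charge.currency).toLowerCase() !== order.currency) {
    return { ok: false, reason: 'amount or currency mismatch' };
  }
  return { ok: true, reason: 'verified' };
}

// Constructed sample data (amounts in cents); ids are placeholders.
const order = { amount: 599, currency: 'usd' };
const base = { object: 'charge', amount: 599, currency: 'usd',
               paid: true, refunded: false, livemode: true };
const samples = {
  liveCharge: { ...base, id: 'ch_PLACEHOLDER_1' },
  testCharge: { ...base, id: 'ch_PLACEHOLDER_2', livemode: false },
  declined:   { ...base, id: 'ch_PLACEHOLDER_3', paid: false },
  underpaid:  { ...base, id: 'ch_PLACEHOLDER_4', amount: 50 },
  refunded:   { ...base, id: 'ch_PLACEHOLDER_5', refunded: true },
};

// Evaluate every sample as a production server would (expectLive = true).
function runSamples() {
  const out = {};
  for (const [name, charge] of Object.entries(samples)) {
    out[name] = mayGrantAccess(charge, order, true).reason;
  }
  return out;
}

console.log(runSamples());
```
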
Eww. What made you think to try? Does that work on Stripe in general or just this site?
Just this site. Integration issue.
What, exactly, are you suggesting "works"?
Curiosity is a weird quality.
I have to wait until somebody torrents it because it is not available in my country. There's no way to purchase and watch it.
Don't feel bad. Actual skill and ability isn't much of a hiring factor with companies like this.
That you posted this comment is a good indicator that Stripe made the right decision not to hire you. It shows a lack of professionalism, judgment, maturity, etc.
On the other hand, he'd be a great fit for a security/pentesting company.
Eh? He is not working for them.