From ddbc41a0e334e391493b4644051ab5bf0218d338 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela.suomalainen@outlook.com>
Date: Wed, 31 Oct 2012 20:04:22 +0200
Subject: [PATCH] IRC/Supybot: mention !web fetch

---
 IRC/Supybot.html    |  6 +++++-
 IRC/Supybot.html.md | 11 ++++++++++-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/IRC/Supybot.html b/IRC/Supybot.html
index bd49841..204b2df 100644
--- a/IRC/Supybot.html
+++ b/IRC/Supybot.html
@@ -32,8 +32,12 @@ Security issues of Supybot
 <p>What does this mean? Anyone can tell the bot to ghost someone else on same account, take over a channel by telling the bot to give flags (if it has correct flags), change password of the account and everything else what you do with network services.</p>
 <h2 id="web-page-with-special-characters-in-title-can-be-used-to-send-dccctcp-commands.">4. Web page with special characters in title can be used to send DCC/CTCP commands.</h2>
 <p>This doesn't mean only things like CTCP actions (also known as /me), but known problems with old routers ( FF ? DCC SEND “ff???f??????????????” 0 0 0 ) which make them reconnect to the internet.</p>
+<p>Usage:</p>
+<pre><code>!web title &lt;malicious.page.here&gt;
+!web fetch &lt;malicious.page.here&gt;</code></pre>
+<p>Note that web fetch is disabled by default.</p>
 <p>This is currently* fixed only in Limnoria's testing version.</p>
-<p>*See the changelog link at bottom. Currently means 17:43 (UTC) on 2012-10-31.</p>
+<p>*See the changelog link at bottom. Currently means 18:04 (UTC) on 2012-10-31.</p>
 <h1 id="are-these-issues-publicly-known">Are these issues publicly known?</h1>
 <p><STRONG>Of course they are.</strong> They have been reported to</p>
 <ol class="incremental" style="list-style-type: decimal">
diff --git a/IRC/Supybot.html.md b/IRC/Supybot.html.md
index b43bd54..5dff839 100644
--- a/IRC/Supybot.html.md
+++ b/IRC/Supybot.html.md
@@ -63,9 +63,18 @@ What does this mean? Anyone can tell the bot to ghost someone else on same accou
 This doesn't mean only things like CTCP actions (also known as /me), but known problems with old routers ( FF ? DCC SEND “ff???f??????????????” 0 0 0 ) which make 
 them reconnect to the internet.
 
+Usage:
+
+```
+!web title <malicious.page.here>
+!web fetch <malicious.page.here>
+```
+
+Note that web fetch is disabled by default.
+
 This is currently* fixed only in Limnoria's testing version. 
 
-*See the changelog link at bottom. Currently means 17:43 (UTC) on 2012-10-31.
+*See the changelog link at bottom. Currently means 18:04 (UTC) on 2012-10-31.
 
 
 # Are these issues publicly known?