Bypass DeepSeek censorship by speaking in hex

(substack.com)

755 points MedadNewman | 1 comments | 31 Jan 25 19:41 UTC | HN request time: 0s | source

Show context

lxe ◴[31 Jan 25 20:13 UTC] No.42891381[source]▶

You can also intercept the xhr response which would still stop generation, but the UI won't update, revelaing the thoughts that lead to the content filter:

    const filter = t => t?.split('\n').filter(l => !l.includes('content_filter')).join('\n');

    ['response', 'responseText'].forEach(prop => {
      const orig = Object.getOwnPropertyDescriptor(XMLHttpRequest.prototype, prop);
      Object.defineProperty(XMLHttpRequest.prototype, prop, {
        get: function() { return filter(orig.get.call(this)); }
      });
    });

Paste the above in the browser console ^

replies(2): >>42891427 #>>42891516 #

tills13 ◴[31 Jan 25 20:25 UTC] No.42891516[source]▶

>>42891381 #

insane that this is client-side.

replies(8): >>42891775 #>>42891802 #>>42892213 #>>42892242 #>>42892457 #>>42896609 #>>42896617 #>>42896757 #

1. LordDragonfang ◴[31 Jan 25 20:49 UTC] No.42891802[source]▶

>>42891516 #

ChatGPT had basically ALL of their prompt filtering client-side for a while, at a separate API endpoint, so as long as you blocked that endpoint you could basically ignore the content filters. (You would still get refusals from the model sometimes, but this was in the heyday of jailbreaks, and once you got a model going it would usually see that context and be willing to continue basically anything.)

↑