Comments on: Twitter misidentifying context

By: brain[pillow]

brain[pillow] — Thu, 14 Jan 2010 04:50:17 +0000

A little bit another vector:

http://search.twitter.com/search?q=%26%2339%3B)%3Balert(%26%2339%3Bxek%26%2339%3B)%3B%2F%2F

By: Gareth Heyes

Gareth Heyes — Wed, 25 Nov 2009 14:06:41 +0000

@Mathias

Yeah it executes alert(1) a couple of times, you’re probably using IE and so it won’t work as I use ' but if you use Firefox it will work when you click the “Tweet these results” it could work on other browsers using the alternative entities I mentioned in the post

By: Mathias Bynens

Mathias Bynens — Wed, 25 Nov 2009 13:11:24 +0000

Great post.

Is the “Twitter poc (don’t tweet these results)” link supposed to alert something? Cause it’s not doing anything special over here. Perhaps WordPress ate parts of the URL or something?

By: Gareth Heyes

Gareth Heyes — Wed, 25 Nov 2009 12:34:29 +0000

@James

Yep exactly

By: James

James — Wed, 25 Nov 2009 12:29:13 +0000

Another reason not to use inline event handlers.

By: c

Mon, 23 Nov 2009 16:10:40 +0000

Two good posts today. I’ve got about a day of security reviews for our web apps now. More interesting than whatever the fuck I would have been doing, though.