Saturday November 22nd 2014


Posts Tagged ‘validation’

Email address validation: Please stop!

It’s something that’s been bugging me for a long time. All around the web, people are making flawed attempts at validating email addresses, causing a headache for their users, and probably for themselves. I really started to notice this when I began to use the disposable addresses system that Gmail provides. Any mail sent to [...]

Use Twitter? Turn off JavaScript… there’s bad XSS issues there being exploited right now

So, I started seeing odd tweets in my timeline. It seems that posting a link like this: http://oh.no/@"onmouseover=";alert('XSS')" fails input validation, resulting in the script being executed when you mouse over the tweet. Note that you can inject pretty much any attribute this way, including style, letting your tweet use fixed [...]