Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
JSON sniffing with UTF-7 injections
(
eligrey.com
)
2 points
by
Sephr
on Feb 28, 2010
|
hide
|
past
|
favorite
|
2 comments
Sephr
on Feb 28, 2010
|
next
[–]
It will only work in browsers that support UTF-7, which as far as I know is only Firefox. The decoded UTF-7 injected code is as follows:
"}].sniff=[stealData,{"__IGNORE__":"
mooism2
on Feb 28, 2010
|
prev
[–]
What's the vulnerability? It's not explained.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
