bugs – Terence Eden’s Blog

What does "挨⎒" have to do with "<html"?

2019-03-13 by @edent | #bugs #text encoding #unicode | 1 comment | Read ~113 times.

I received this weird bit of mojibake in an email. Here's the raw text view: ------=_NextPart_001_009E_01D4D8BF.D0737E10 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =E6=8C=A8=E2=8E=92tml xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"= urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-c= om:office:word" xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml= " xmlns=3D"http://www.w3.org/TR/REC-html40"> What's going on? 挨 is a Chinese, Japanese, Korean (cjk) unified ideograph (U+6328) ⎒ is the passive-pull-up-output symbol (U+2392) That's somehow replaced: < - less-than…

Continue reading →

Facebook Mangles Unicode URLs

2015-02-27 by @edent | #bugs #facebook #security #unicode #url | Read ~678 times.

Facebook rewrite URLs with Unicode in the path - this is not best practice and could be dangerous. It is possible to create a URL like http://bit.ly/😀 - the Unicode characters are valid in the path. The URL Encoded representation is : bit.ly/%F0%9F%98%80 Facebook mangles these URLs in such a way that it might be…

Continue reading →

RTL Bugs

2014-02-24 by @edent | #bugs #chrome #chromium #firefox #unicode | Read ~1,272 times.

Take a look at the following text, looks normal enough doesn't it? "Harry ‮".draziw a si ‭Potter Now, try to select the text and see what happens. WHAT WITCHCRAFT IS THIS?! If you examine the source code for this page, you'll see that I'm using the Unicode Bi-Directional characters. "Harry ‮".draziw a si ‭Potter These…

Continue reading →

Another Google Privacy Flaw - Calendar Unexpectedly Leaks Private Information (Disclosed)

2014-01-23 by @edent | #bugs #gmail #google #privacy | 8 comments | Read ~32,331 times.

My wife likes to set reminders for herself in Google Calendar. Recently, she added a note to her personal Google Calendar reading "Email alice@example.com to discuss pay rise" and set the date for a few months from now. She'd had a discussion with her boss, Alice, and they'd agreed to talk about salary later in…

Continue reading →

Interesting Twitter Hashbang Bug

2012-05-04 by @edent | #bugs #security #twitter #usability | 7 comments | Read ~5,167 times.

Did you know that you can to link to a specific Tweet on Twitter? The URL looks like this: https://twitter.com/#!/edent/status/197967209459499008 Pretty obviously, that's the user's name and the ID of their tweet. Simple, right? Not really, click on that link and you'll see this: That's my name in the URL bar - but the Number…

Continue reading →

Bugs in Twitter Text Libraries

2010-03-31 by @edent | #bugs #dabr #parse #regex #twitter #urls | 6 comments | Read ~172 times.

The Twitter Engineering Team have a set of text processing classes which are meant to simplify and standardise the recognition of URLs, screen names, and hashtags. Dabr makes use of them to keep in conformance with Twitter's style. One of the advantages of the text processing is that it will recognise that www.example.com is a…

Continue reading →

2019
January 31 posts	February 12 posts	March 17 posts
April 12 posts	May 12 posts	June 10 posts
July 7 posts	August 5 posts	September 6 posts
October 14 posts	November 30 posts	December 8 posts

2018
January 8 posts	February 4 posts	March 6 posts
April 14 posts	May 5 posts	June 6 posts
July 6 posts	August 13 posts	September 14 posts
October 8 posts	November 30 posts	December 4 posts

2017
January 12 posts	February 9 posts	March 8 posts
April 4 posts	May 10 posts	June 5 posts
July 5 posts	August 6 posts	September 3 posts
October 4 posts	November 30 posts	December

2016
January 10 posts	February 10 posts	March 11 posts
April 9 posts	May 8 posts	June 9 posts
July 6 posts	August 9 posts	September 4 posts
October 2 posts	November 30 posts	December 14 posts

2015
January 8 posts	February 11 posts	March 10 posts
April 4 posts	May 9 posts	June 3 posts
July 7 posts	August 9 posts	September 10 posts
October 2 posts	November 30 posts	December 4 posts

2014
January 13 posts	February 13 posts	March 13 posts
April 13 posts	May 7 posts	June 7 posts
July 9 posts	August 5 posts	September 5 posts
October 1 post	November 30 posts	December 20 posts

2013
January 25 posts	February 17 posts	March 15 posts
April 17 posts	May 11 posts	June 14 posts
July 6 posts	August 14 posts	September 5 posts
October 3 posts	November 30 posts	December 14 posts

2012
January 14 posts	February 8 posts	March 13 posts
April 15 posts	May 10 posts	June 16 posts
July 8 posts	August 8 posts	September 6 posts
October 6 posts	November 30 posts	December 31 posts

2010
January 6 posts	February 15 posts	March 12 posts
April 13 posts	May 4 posts	June 3 posts
July 15 posts	August 8 posts	September 11 posts
October 9 posts	November 30 posts	December 9 posts

2009
January 1 post	February 5 posts	March 3 posts
April 7 posts	May 12 posts	June 8 posts
July 10 posts	August 10 posts	September 12 posts
October 22 posts	November 31 posts	December 15 posts

2008
January 2 posts	February	March 2 posts
April 3 posts	May 2 posts	June
July 1 post	August 3 posts	September 1 post
October 3 posts	November 2 posts	December 1 post

2007
January	February	March
April	May	June
July	August	September
October	November 4 posts	December 5 posts

2005
January	February	March 1 post
April	May	June
July	August	September 1 post
October	November	December

2002
January	February 1 post	March
April 2 posts	May	June
July	August	September
October	November	December