Facebook Mangles Unicode URLs


Facebook rewrite URLs with Unicode in the path - this is not best practice and could be dangerous. It is possible to create a URL like http://bit.ly/😀 - the Unicode characters are valid in the path. The URL Encoded representation is : bit.ly/%F0%9F%98%80 Facebook mangles these URLs in such a way that it might be […] Read More

RTL Bugs


Take a look at the following text, looks normal enough doesn't it? "Harry ‮".draziw a si ‭Potter Now, try to select the text and see what happens. WHAT WITCHCRAFT IS THIS?! If you examine the source code for this page, you'll see that I'm using the Unicode Bi-Directional characters. "Harry ‮".draziw a si ‭Potter These […] Read More

Another Google Privacy Flaw - Calendar Unexpectedly Leaks Private Information (Disclosed)


My wife likes to set reminders for herself in Google Calendar. Recently, she added a note to her personal Google Calendar reading "Email alice@example.com to discuss pay rise" and set the date for a few months from now. She'd had a discussion with her boss, Alice, and they'd agreed to talk about salary later in […] Read More

Interesting Twitter Hashbang Bug


Did you know that you can to link to a specific Tweet on Twitter? The URL looks like this: https://twitter.com/#!/edent/status/197967209459499008 Pretty obviously, that's the user's name and the ID of their tweet. Simple, right? Not really, click on that link and you'll see this: That's my name in the URL bar - but the Number […] Read More

Bugs in Twitter Text Libraries


Screenshot showing the letters www being converted into a link

The Twitter Engineering Team have a set of text processing classes which are meant to simplify and standardise the recognition of URLs, screen names, and hashtags. Dabr makes use of them to keep in conformance with Twitter's style. One of the advantages of the text processing is that it will recognise that www.example.com is a […] Read More