A new web app architecture pattern is being adopted by many popular frameworks. Let’s talk about risk!
-
posts
-
HTML Over the Wire
-
Opinions are like Bugs - Every Spec has one.
When two specifications have differing opinions on how something should be parsed: here be dragons.
-
Bypassing Safe-Redirect in Rails 7.0
Yet another parsing differential bug
-
Cracking a Christmas Story
There’s a scene in the classic Christmas movie “A Christmas Story” where nine-year-old Ralphie uses a secret decoder pin to decode a secret message from his favorite radio program Little Orphan Annie.
-
A Novel Approach to Subdomain Takeover
*Subdomain takeover and DNS hijacking have been covered at length by Frans Rosén, Patrik Hudak, and plenty of other people. Rather than rehashing those traditional techniques, this post will explore a novel approach to finding dangling CNAME records.*