Sven Slootweg

Uh oh

1+
Senhara
@joepie91 oh god, they're not sanitizing their inputs are they
1
Sven Slootweg

@senhara I think this *is* their sanitization

1+
Sven Slootweg
Follow

@senhara (And I suspect that that password is getting string-interpolated into some kind of API call or shell command that goes into another system which needs to create a local account for every system-wide account, or something)

· · Web · 1 · 0 · 0
Senhara
@joepie91 couldn't you toss it into `base64` and let the other end of the API or something decode it to handle it safely????
1+
Senhara
@joepie91 gonna fucking cry
0
Sven Slootweg

@senhara In theory you could (assuming you control the other end's implementation) but I do not get the impression that this thing was built by particularly security-conscious developers

1
Senhara
@joepie91 I'm going to explode
0
Sign in to participate in the conversation
Pixietown

Small server part of the pixie.town infrastructure. Registration is closed.

Resources

Developers

What is Mastodon?

pixie.town

  • About
  • v3.5.19patch-2024-07-04

More…

v3.5.19patch-2024-07-04 · Privacy policy