?
brad's life [entries|archive|friends|userinfo]
Brad Fitzpatrick

[ website | bradfitz.com ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

4am == sleep time [Jun. 9th, 2000|03:48 am]
Brad Fitzpatrick
Man, I'm on fire tonight .... everything I set out to accomplish programming-wise I'm getting done. But sadly, 4am fast approacheth ... I think I'm going to have to force myself to sleep soon here. I think the coolest thing I did tonight was prevent any JavaScript from being used on LiveJournal ... this plugs a big security hole that affects all site with dynamic content. I won't give details (because I don't want to give anybody ideas before I'm fully done testing it myself) but don't worry --- it's fixed. It was never a problem until 3 weeks ago, and I've been scanning every few days to see if anybody had exploited the problem yet, but nobody has. (I'm kinda disappointed, actually ... it would've been a clever hack.) Anyway, going to program awhile longer, then sleep....
LinkReply

Comments:
[User Picture]From: liquescent
2000-06-09 09:19 am (UTC)

javascript embed quit working....is that related?

I was reading your bit about the javascript safety feature and was wondering if that has anything to do with the fact that my JS embed quit working?

I can type the customview.cgi address directly into the browser and pull up my journal, but the page with the embed is completely empty?
(http://www.liquescent.com/candi/live.html)

Candi
(Reply) (Thread)
[User Picture]From: bradfitz
2000-06-09 02:02 pm (UTC)

Re: javascript embed quit working....is that related?

Fixed....
(Reply) (Parent) (Thread)
[User Picture]From: liquescent
2000-06-09 05:13 pm (UTC)

Re: javascript embed quit working....is that related?

Awesome!
Thanks a bunch.
Candi
(Reply) (Parent) (Thread)
[User Picture]From: tufchoice
2000-06-09 02:09 pm (UTC)

fixed!!

that's funny... i was just having the same problem, and then it started working!! good job brad!
(Reply) (Thread)
From: _bassta_
2000-06-09 02:18 pm (UTC)

Well you see Brad I am not an hacker... a real good guy :) Until now I didn't thought about it... Maybe because I don't want to hack LiveJournal, as I like this service and don't want to do it any harm.

Damn I am too stupid :) What a Hack LOL...
(Reply) (Thread)