Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Malformed link failure #33

Open
crashdemons opened this issue May 12, 2015 · 0 comments
Open

Malformed link failure #33

crashdemons opened this issue May 12, 2015 · 0 comments

Comments

@crashdemons
Copy link

This is somewhat anecdotal but while testing a friend's pierc setup I made several posts and the logs were completely inaccessible immediately after. (Something went spectacularly wrong, Error: blank)

I'm not sure which if any post caused the error.
The friend seemed to indicate he was using an updated version.

Although we had this failure, thankfully there weren't any XSS found yet!

Here were the test posts in order:

:crashdemons!~cd@unaffiliated/crashdemons PRIVMSG #dnbhl :testing the log bot:  \0 %00 &#0; "');</div><iframe src="http://google.com">  http://"/  
:crashdemons!~cd@unaffiliated/crashdemons PRIVMSG #dnbhl :<>"http://www.google.com/"<>
:crashdemons!~cd@unaffiliated/crashdemons PRIVMSG #dnbhl :http://x  y z
:crashdemons!~cd@unaffiliated/crashdemons PRIVMSG #dnbhl :>http://>http://>

Notes: while testing links I noticed that link URL text is not always escaped (not a big issue since quotation marks are) and an extra closing-span gets stuck inside the link for malformed links. Not a breaking issue.

Post 3 contains just a tab character and a No-break-space in the link, which isn't reflected above.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@crashdemons