Another CSP nonce bypass, this time for reflected XSS: http://sebastian-lekies.de/csp/attacker2.php …. I will collect more bypasses here: https://goo.gl/t5VLIX
: Or teach the cache to randomize the token.
@slekies @sirdarckcat @molnar_g @randomdross
yes, breaking the bfcache would be pretty horrible.