@attritionorg I like JSON better than XML, especially in PHP projects.
@voodooKobra they are both "oh shit we didn't handle unexpected input" situations. standard-be-damned.
@attritionorg XML in PHP means, most likely, XXE
@voodooKobra just a stupid simple DoS. "oh god new data we didn't expect" because the API changed ever-so-slightly
@voodooKobra attacking hash algos must come in/out of fashion, good perl blog http://blog.booking.com/hardening-perls-hash-function.html … & #oCERT list at http://www.ocert.org/advisories/ocert-2011-003.html …
End of conversation
New conversation
@attritionorg even when the server uses strong shared key encryption between server and client? just curious...
@sjsmith_au encryption has ZERO to do with "unexpected data" in that context.
@attritionorg ah ok. Was just a bit curious that's all.
Tweet unavailable
@TimelessP @attritionorg I've written a php based JSONP application before. I used a lot of exception handling
Tweet unavailable
@TimelessP @attritionorg that looks scary to me. Then again I never was that good at C. :}
End of conversation
New conversation
@attritionorg That post is far too serious for this time of night in Vegas...
@attritionorg what do you suggest as an alternative?
@attritionorg But as currently implemented, it's a HASHDOS vector. :(