skimming the latest TweetDeck update src code - was the XSS due to broken emoji parsing? :O
-
-
@mathias thx, that was roughly my conclusion. :) -
@bcrypt My guess: if (containsEmoji(tweet)) { return replaceEmojiSymbolsWithImgTags(tweet); } else { return htmlEscape(tweet); } - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.