Friendica
Hailey
hailey@hails.org
woof! I am a computer tinkerer, polyglot hacker, music enjoyer, and bike rider. Also a huge nerd. Trans 🏳️‍⚧️ and queer 🏳️‍🌈
ActivityPub
2025-06-03 18:44:28 2025-06-03 13:53:07 2025-06-03 09:02:54 7910866

Hailey
6 months ago

shot, chaser
The "Written using Claude" section of the readme at https://github.com/cloudflare/workers-oauth-provider/
CVE-2025-4143 description with the highlighted text "Readers who are familiar with OAuth may recognize that failing to check redirect URIs against the allowed list is a well-known, basic mistake, covered extensively in the RFC and elsewhere. The author of this library would like everyone to know that he was, in fact, well-aware of this requirement, thought about it a lot while designing the library, and then, somehow, forgot to actually make sure the check was in the code. That is, it's not that he didn't know what he was doing, it's that he knew what he was doing but flubbed it."

feld
in reply to Hailey • 6 months ago
I hope we dunk on humans who make this same type of mistake with equal fervor