Take My Posts To Your Email Inbox

Enter your email address & be one among the 600+ subcribers.

Thanks for visiting my blog ;-)

Friday, September 24, 2010

Twitter's Explanation About 'onMouseOver' !!!

             If you are Twitter, then you must have known about the onMouseOver issue, which shook the Twitter.com. And later it was solved by Twitter. And off course, onMouseOver was the trending topic for three to four days at a stretch.

             Twitter has also explained about this incident, technically, in their official blog. It was explained that the issue was due to CROSS-SITE SCRIPTING (XSS). It is nothing but pasting a code from an untrusted website into another one. Here in Twitter, users submitted a JavaScript code as plain text into a Tweet that could be executed in the browser of other user. Actually it was early a month and Twitter discovered it and corrected them. But without their knowledge, a recent site update resurfaced it.

            And this helped a cool cracker to play on Twitter.com security. He worked on, and somehow managed to do so. Finally the onMouseOver occurred. And added to this, there was another problem in Twitter, some other guy who added another code that resulted in automated Retweets from other profiles. So users would have noticed some unknown retweets which was not made by them, in their profile. After all these explanations, Twitter apologized for the security issue.

No comments:

Post a Comment

You are pleased to comment about my works and other things....
Thank You,

Drag This To Your Browser's Bookmarks