| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Updated verbly & libtwitter++ to remove dependence on json submodule | Kelly Rauchenberger | 2016-11-27 | 2 | -0/+0 |
| | | |||||
| * | Updated verbly to 6c2aca0 | Kelly Rauchenberger | 2016-11-27 | 1 | -0/+0 |
| | | |||||
| * | Fixed makefile error | Kelly Rauchenberger | 2016-09-12 | 2 | -2/+2 |
| | | | | | Also updated libtwitter++ | ||||
| * | Removed unused copy of curlcpp dependency | Kelly Rauchenberger | 2016-09-12 | 2 | -3/+0 |
| | | |||||
| * | Updated libtwitter++ (new API, and fixing a curlcpp crash) | Kelly Rauchenberger | 2016-09-12 | 2 | -161/+152 |
| | | | | | Also changed to use C++ APIs for randomization and sleeping. | ||||
| * | Updated verbly | Kelly Rauchenberger | 2016-04-18 | 1 | -0/+0 |
| | | |||||
| * | Blacklisted an image server known to return bad images | Kelly Rauchenberger | 2016-04-18 | 1 | -74/+53 |
| | | |||||
| * | Merge branch 'master' of https://github.com/hatkirby/difference | Kelly Rauchenberger | 2016-04-16 | 1 | -0/+9 |
| |\ | |||||
| | * | Added Accept header to image requests | Kelly Rauchenberger | 2016-04-16 | 1 | -0/+9 |
| | | | | | | | | | | | | | The canonical bot tweeted an image (https://twitter.com/differencebot/status/721395886291558400) containing an advertisement instead of the requisite object. Previously, the only defense against servers serving the wrong image was that we ignore 300 response codes. This image, when loaded in Google Chrome, loaded a document with a content type of text/html, which is also ignored by difference, and which executed JavaScript redirecting Chrome to a malware-infested page. difference, however, saw the response as an image with content type image/gif (notably different from the URL, which indicated a JPEG image). It turned out that Chrome was using an Accept header that prioritized text/html documents over most other content types, which the malicious server used to decide what content to serve. Changing difference to send the same header caused the malicious server to also serve the text/html document to difference, which difference then discarded. Whilst the Accept header being used now does prioritize text/html documents over images, servers with legitimate content will not use that information when deciding what document to serve. The malicious test URL is http://www.northvalleymedicalsupply.com/shop/products_pictures/adj%20hinge%20knee%20brace.jpg. | ||||
| * | | Tweaked image generation | Kelly Rauchenberger | 2016-04-16 | 1 | -2/+3 |
| |/ | |||||
| * | Updated libtwittercpp | Kelly Rauchenberger | 2016-04-15 | 1 | -0/+0 |
| | | |||||
| * | Added yaml-cpp submodule | Kelly Rauchenberger | 2016-04-15 | 4 | -3/+6 |
| | | |||||
| * | Initial commit | Kelly Rauchenberger | 2016-04-15 | 7 | -0/+381 |
 |
index : difference | |
| Mastodon bot that generates the difference between things |
| about summary refs log tree commit diff stats |