Elon Musk’s X botched an attempt to replace “twitter.com” links with “x.com”
Elon Musk’s X botched an attempt to replace “twitter.com” links with “x.com”
Automatic text replacement let users spoof URLs ending in x, like netflix.com.
You're viewing a single thread.
Regex is hard y'all
Well, they can be, but fucking this particular one up took outright ineptitude
If "Twitter" in urlField then Replace urlField "Twitter" "X"
Jobs finished boss
With skills like this you too could be working for the fascist billionaire manbaby's personal vanity social media service
Thank you capitalism 🤗
Meet the new Gilded Age, same as the old Gilded Age.
Which one do you mean?
Good point, I should probably have said "working for a fascist billionaire manbaby"
Again, that doesn't really narrow it down.
It wasn't supposed to narrow it down, quite the opposite
Musk is too weaksauce to be called a fascist. He is just a crybaby with loads of money working for US government.
At this point I have to assume it's malicious compliance by staff to make Elon look bad.
to make Elon look bad.
why would he need any help when he's doing so much on his own?
From what I can tell, that's more or less what happened and what introduced the vulnerability, someone could make an illicit site called something like illicitx.com, and post it as illicittwitter.com. Basically they feed on real/safe websites that had Twitter in their name, and make an illicit version with x instead and the change would redirect them to the illicit version
It’s really not though. It’s actually pretty simple under the hood.
actually url/uri spec is surprisingly complex, I'm not even sure it's possible to fully/correctly match it with regex without false positives or negatives, especially in twitters case where even things like "google.com" are accepted as valid urls (without the protocol part, which is otherwise mandatory)
But something that you should probably be able to figure out over the course of 12 months of development and testing.