Matteo Collina on Nostr: On npub1u2tcc…f9p3x servers, prototype pollution attacks originate from developers ...
Published at
2024-06-03 16:16:00Event JSON
{
"id": "eb124f49199be26bdfcde0c50e8d5ecee8563314c385a005e822310ac2629b23",
"pubkey": "84afd2faf632c84f9539aaeb2bab0e8552e22b40a04e3df184f5e6ee3cc31f6b",
"created_at": 1717431360,
"kind": 1,
"tags": [
[
"p",
"e2978c3d49a4d29b18067fc050e79cb4c08866530449b6e065e700155057bba7",
"wss://relay.mostr.pub"
],
[
"p",
"f41b035d1f56b47ff0acc8ebed8a4352e820949478b00910dd5ecb9c323de1fd",
"wss://relay.mostr.pub"
],
[
"proxy",
"https://fosstodon.org/users/mcollina/statuses/112553581649271208",
"activitypub"
]
],
"content": "On nostr:npub1u2tcc02f5nffkxqx0lq9peuuknqgsejnq3ymdcr9uuqp25zhhwns6f9p3x servers, prototype pollution attacks originate from developers not validating their input data. A runtime or library cannot fully harden against such a scenario because it is a developer mistake. \n\nTL;DR do not trust any input, and always validate any user data before usage",
"sig": "313e81e5e918cab89bbff50f1a33326d91f2833efe2250c50c7e12aae3329ee3abfcdfc4c6e3caa180607797914f6853dcfb245dbda259eb807341b4944555ed"
}