WingNews logo WingNews
top | item 41707866

(no title)

akshayrajp | 1 year ago

What if they have regex'd that field?

discuss

order

sebstefan|1 year ago

If they use a regex? https://linkedin.com@i-dont-have-linkedin.com?linkedin.com/

If they do it the proper way? It's all ogre

You shouldn't use regex to parse URLs, you should use the URL handler that comes with your language (ex: https://developer.mozilla.org/en-US/docs/Web/API/URL/URL)

```js

    const linkedin = new URL("https://linkedin.com@i-dont-have-linkedin.com?linkedin.com/");
    console.log(linkedin.host);
    // => "i-dont-have-linkedin.com"
```

xdennis|1 year ago

Neat trick. Firefox does give a warning about it:

> You are about to log in to the site “i-dont-have-linkedin.com” with the username “linkedin.com”, but the web site does not require authentication. This may be an attempt to trick you.

> Is “i-dont-have-linkedin.com” the site you want to visit?

If those sites are even more clever than a regex, they might bin your application for this.

revx|1 year ago

Ends in LinkedIn.com so that'll pass some of them at least.

snapcaster|1 year ago

Hopefully they just match on linkedin.com