Y
Hacker News
new
|
ask
|
show
|
jobs
by
tuananh
4619 days ago
it's bad practice : yes but the source is there on github. you can always take a look. what is there to be afraid of.
2 comments
ultimoo
4619 days ago
The first URL isn't https. A rogue router anywhere from your building or your ISP to the server's building could potentially tamper with a plain text http response, which would then be evaluated by your shell.
link
tuananh
4619 days ago
well i was talking about homebrew. it uses https.
ruby -e "$(curl -fsSL https://raw.github.com/mxcl/homebrew/go)"
link
btgeekboy
4619 days ago
On a non-github platform, it would be trivial to serve different content if the user agent was curl or wget.
link