Y
Hacker News
new
|
ask
|
show
|
jobs
by
rdl
4498 days ago
Your checker doesn't work well with curl, btw -- you end up seeing both the not vulnerable AND the vulnerable (alt text) messages.
2 comments
cantfindmypass
4498 days ago
There's not a whole lot I can do about that without adding a lot of complexity. You could try downloading
https://gotofail.com:1266/test.png
I suppose.
link
Jayschwa
4498 days ago
curl
https://gotofail.com:1266/
Client's that aren't vulnerable should flip out when trying to load that.
link