{"id":8788,"date":"2014-05-07T13:53:45","date_gmt":"2014-05-07T17:53:45","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=8788"},"modified":"2014-05-07T13:54:02","modified_gmt":"2014-05-07T17:54:02","slug":"dropbox-vulnerability-affecting-shared-links","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2014\/05\/07\/dropbox-vulnerability-affecting-shared-links\/","title":{"rendered":"Dropbox Vulnerability Affecting Shared Links"},"content":{"rendered":"<p><a href=\"https:\/\/blog.dropbox.com\/2014\/05\/web-vulnerability-affecting-shared-links\/\">Dropbox<\/a> (via <a href=\"http:\/\/hardware.slashdot.org\/story\/14\/05\/07\/009248\/dropbox-and-box-leaked-shared-private-files-through-google\">Slashdot<\/a>):<\/p>\n<blockquote cite=\"https:\/\/blog.dropbox.com\/2014\/05\/web-vulnerability-affecting-shared-links\/\"><p>We wanted to let you know about a web vulnerability that impacted shared links to files containing hyperlinks. We&rsquo;ve taken steps to address this issue and you don&rsquo;t need to take any further action.<\/p>\n<p>For background, whenever you click on a link in any browser, the site you&rsquo;re going to learns where you came from by something called a referer header. The referer header was designed to enable websites to better understand traffic sources. This is standard practice implemented across all browsers.<\/p><\/blockquote>\n<p>Their remedy, breaking any existing shared links, seems to be worse than the problem it&rsquo;s trying to solve.<\/p>","protected":false},"excerpt":{"rendered":"<p>Dropbox (via Slashdot): We wanted to let you know about a web vulnerability that impacted shared links to files containing hyperlinks. We&rsquo;ve taken steps to address this issue and you don&rsquo;t need to take any further action. For background, whenever you click on a link in any browser, the site you&rsquo;re going to learns where [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[47,48,96],"class_list":["post-8788","post","type-post","status-publish","format-standard","hentry","category-technology","tag-dropbox","tag-security","tag-web"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8788","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=8788"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8788\/revisions"}],"predecessor-version":[{"id":8789,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8788\/revisions\/8789"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=8788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=8788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=8788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}