Migration to tumblr

This blog was born with the idea of being a kind of daily journal for my projects. I needed a place to keep track of my progress, annotate resource links that may be helpful or, when appropriate, publish small scripts in HTML/JS to add value to the subject.

WordPress meets the first two requirements well, but the third is particularly difficult to get, since they forbid any JavaScript inclusion in the content published by the administrator of the blog. The content can't contain <script> tags, href="javascript:…" or onclick attributes; and iframes are not allowed, of course.

I have not studied the subject thoroughly, but my theory is that WordPress deliberately bypasses the Same Origin Policy to keep their users logged in across the different subdomains and, to avoid XSS problems, they forbid the inclusion of JavaScript.

Anyway, I tried to bypass this protection with the following code:

<a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgnaGksIHRoaXMgaXMgamF2YXNjcmlwdCEnKTs8L3NjcmlwdD4=">Click me!</a>

But, unfortunately, WordPress also forbids data URLs.

As a last attempt, I tried to bypass it again using tinyURL but, as you can see if you use Chrome, the Google browser throws a security exception when the HTTP protocol tries to redirect to a data URL (Error 311 (net::ERR_UNSAFE_REDIRECT)).

Curiously, Google Chrome forbids HTTP redirections to data URLs but allows HTML redirections to data URLs through <meta> tags!

<meta http-equiv="refresh" content="5; url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnaGksIHRoaXMgaXMgamF2YXNjcmlwdCEnKTs8L3NjcmlwdD4=" />

I sent an email to the tinyURL team asking for this feature (HTML redirections when the target is a data URL).

While waiting for the response, a friend told me about tumblr. He said that they are less restrictive than WordPress, so I created an account.

And I found just what I was looking for: javascript on posts, javascript on themes, javascript on everything!

Goodbye wordpress, see you in Get Off My Kitchen on tumblr.
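The restrictions described in this post (no <script> or iframe elements, no on* handlers, no javascript: or data: URLs) together with the <meta> refresh case, written as a content audit a blog platform could run on submitted posts. This is an added example, not part of the original post and not WordPress's code; the names PostAuditor, scheme_of, refresh_target and audit and the sample inputs are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

BLOCKED_TAGS = {"script", "iframe"}
BLOCKED_SCHEMES = {"javascript", "data"}
URL_ATTRS = {"href", "src", "action", "formaction"}

def scheme_of(url):
    # Browsers drop tab/CR/LF and leading control characters or spaces
    # before reading the scheme, so normalise the same way first.
    cleaned = re.sub(r"[\t\r\n]", "", url).lstrip("".join(map(chr, range(0x21))))
    m = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    return m.group(1).lower() if m else ""

def refresh_target(content):
    # "5; url=X" -> X. The "url=" prefix is optional in refresh parsing.
    parts = re.split(r"[;,]", content, maxsplit=1)
    if len(parts) < 2:
        return ""
    target = re.sub(r"^url\s*=\s*", "", parts[1].strip(), flags=re.I)
    return target.strip("'\" ")

class PostAuditor(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases names and decodes entities in values.
        if tag in BLOCKED_TAGS:
            self.findings.append(f"<{tag}> element")
        attrs = {k: (v or "") for k, v in attrs}
        for name, value in attrs.items():
            if name.startswith("on"):
                self.findings.append(f"{name} handler on <{tag}>")
            elif name in URL_ATTRS and scheme_of(value) in BLOCKED_SCHEMES:
                self.findings.append(f"{scheme_of(value)}: URL in {name} of <{tag}>")
        if tag == "meta" and attrs.get("http-equiv", "").lower() == "refresh":
            scheme = scheme_of(refresh_target(attrs.get("content", "")))
            if scheme in BLOCKED_SCHEMES:
                self.findings.append(f"meta refresh to {scheme}: URL")

def audit(html):
    auditor = PostAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed samples shaped like the two snippets in the post (payload shortened).
ANCHOR = '<a href="data:text/html;base64,AAAA">Click me!</a>'
META = '<meta http-equiv="refresh" content="5; url=data:text/html;base64,AAAA" />'
PLAIN = '<p>See <a href="https://example.org/">this link</a>.</p>'
```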
