Between August 7th and 2024, will any page on Manifold redirect to a page on a different website due to an exploit?
Basic
10
Ṁ944
resolved Dec 31
Resolved
NO

This happened briefly today on the superconductor market.

Note: If such behavior is triggered unintentionally, but the mechanism would also have been exploitable by a malicious actor, resolves YES.

Get
Ṁ1,000
and
S3.00
Sort by:
Ian PhilipsboughtṀ100NO

#skininthegame

What exactly happened on the superconductor market today?

@TamarSpoerri Embeds were apparently implemented through un-sandboxed iframes, and someone embedded a page (in a comment) that caused a redirect in the parent.

(I think not intentionally on the commenter's part. They were linking to a video, and the website hosting it probably has frame-breaker stuff set up in general.)

I should probably define "exploit" for the purpose of this market...

@jskf I strongly suspect that bilibili's frame-breaker is on the 404, not on all videos, and it was only when the video was taken down that the redirect started happening. otherwise, the commenter would've been redirected when the embed-preview shows up while they were editing the comment.

(haven't actually checked tho)

© Manifold Markets, Inc.Terms + Mana-only TermsPrivacyRules