

Reddit.com is doing SQLi in its Server HTTP header - FiloSottile
http://monosnap.com/image/JLubWhA3RuXCZ8kqotQ6SmM8U

======
h2s
An enormous screenshot of a browser window with the Network tab open in the
bottom is hardly a sensible way of communicating the content of a few bytes of
HTTP header.

    
    
        $ curl -I "http://www.reddit.com/"
        HTTP/1.1 200 OK
        Content-Type: text/html; charset=UTF-8
        Server: '; DROP TABLE servertypes; --
        Date: Sun, 03 Feb 2013 13:35:50 GMT
        Connection: keep-alive

~~~
FiloSottile
A link to a pastebin (the only alternative that comes to my mind) would have
required more verification effort, I guessed.

------
sid6376
Old discussion regarding the same:
<http://news.ycombinator.com/item?id=1352858>

------
spiffistan
<http://xkcd.com/327/>

------
jdiez17
It's a joke.

