How tumblr uses \0 in the output of meta tags

After a hilarious incident where a friend of mine wrote a blog post that contained a \0 (that is, the string “\\­0” and not the character ‘\0’), it has become apparent that something is going very wrong with how tumblr outputs opengraph and twitter meta tags.

At first, I thought it was a simple mistake where someone forgot to escape something, but it turned out to be much more complex.

It was discovered that when the html of the page is modified such that </head> is </head > or anything else that does not case insensitively match “</head>”, the meta tags are not outputted at all!

As far as we can tell, the following steps are happening at page load (not necessarily in this order):

  1. Search for </head> in html to be outputted, store result in a variable, lets call it x.
  2. Generate the <!— BEGIN TUMBLR FACEBOOK OPENGRAPH TAGS —> block that should be printed, terminated with a \0 (at this point I am unsure if this was intended to be a NUL or the literal string \0, but its being interpreted as the literal string by the code)
  3. The result is passed onto the code that injects the <!— TWITTER TAGS —> block.
  4. Replace the first \0 with the <!— TWITTER TAGS —> block which terminates with </head> (regardless of how the original is capitalized) and return control to the OPENGRAPH code
  5. Replace all instances of \0 in the generated block with x. In the normal case, this should be none of them, but this line was never removed after the twitter tags were added.
  6. At some point, it was decided that an additional javascript and x-dns-prefetch-control header and keywords needed to be appended, so another search for </head> was done, and replaced with that code + </head>

The result? well, inspect the source of some of the pages on this blog yourself. Compare it to the source from a normal blog, and see how the parts have been transposed.

-@Mithorium

Thanks to my friends here and here for their help in researching this bug, as well as for the post that started it all.

\0oh god how did this get here I am not good with computer

  1. drpizza reblogged this from dudewheresmybackslash0
  2. toogoodtoworry reblogged this from dudewheresmybackslash0
  3. x-a-z-a-x reblogged this from dudewheresmybackslash0
  4. harishanchu reblogged this from dudewheresmybackslash0
  5. winnnit reblogged this from dudewheresmybackslash0
  6. hmeras reblogged this from dudewheresmybackslash0 and added:
    Snipped to avoid issues.
  7. furiousweasels reblogged this from dudewheresmybackslash0
  8. dudewheresmybackslash0 posted this