Use U+200B to evade Twitter's DM malware flagging

/README.md

Last active

December 27, 2015 15:09

Star (2) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Clone this repository at <script src="https://gist.github.com/jed/7345401.js"></script>
Save jed/7345401 to your computer and use it in GitHub Desktop.

Clone this repository at <script src="https://gist.github.com/jed/7345401.js"></script>

Use U+200B to evade Twitter's DM malware flagging

Use this bookmarklet to escape the URL of the current page and evade Twitter's broken malware link flagging. It prepends all periods with a zero-width space, which Chrome, Firefox, and Safari all seem to ignore. Twitter's server won't recognize it as a link (yet), but the Twitter client will, which means it remains clickable in the DM pane.

For example: https://twitter.com/ will get flagged as malware in a DM, while https://twitter.com/ won't. They look the same, but the latter has a ZWSP before the . in .com.

javascript:prompt(0,location.href.replace(/\./g,"\u200b."))._