donaldjtrump.com

In an apt cyber-ending to an election where nobody really got technology even remotely right, Donald Trump's website suffered some indignities on election night.

The site is still up, and it's nothing major, but for a couple of minutes you could edit the text of a header on Trump's site:

The page at the root of the problem is "https://www.donaldjtrump.com/press-releases/archive/," which, as the URL suggests, is an archive of the Trump campaign's press releases. However, when the part of the URL following "archive/" is edited, it allows anyone to change the header on the page to whatever words (or emoji) they want.

This is similar (though not technically) to an XSS issue, where malicious code or a very simple vulnerability allows users to edit the HTML on a page. Visually, this is largely the same as editing a site for yourself using, for instance, Google Chrome's "Inspect Element" feature. But because these are shareable, and based on URLs, people have been having a lot of fun.

The bug was quickly fixed, but not before many on Twitter (almost exclusively mockingly) took full advantage:

Someone Hacked Trump's website in a very subtle way pic.twitter.com/3JNy6xWy7y

— Dusty (@DustinGiebel) November 8, 2016

What a great election for cyber. Truly, it's been a great cyber-election.

Ethan Chiel is a reporter for Fusion, writing mostly about the internet and technology. You can (and should) email him at ethan.chiel@fusion.net

Advertisement