Gihub 给了发现 Github Pages Cookie Tossing 漏洞的哥们(没错,就是用 mass assigment 漏洞黑 Github 那哥们)$500 赏金~
Good news everyone, Github makes first steps with bounty: I received $500 for an interesting bypass of new cookie-tossing protection.
https://twitter.com/homakov/status/311119265858195456