Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
cetra3
on July 5, 2018
|
parent
|
context
|
favorite
| on:
Itty Bitty: Sites contained within their own links
Just be careful about XSS:
https://itty.bitty.site/#/?XQAAAAIhAAAAAAAAAAAeHMhnVbtj2LI97...
tantalor
on July 5, 2018
[–]
Why
cetra3
on July 5, 2018
|
parent
[–]
If you're using this in your site as it stands, you are opening up XSS attacks as it does not appear to sanitise user input.
tantalor
on July 5, 2018
|
root
|
parent
[–]
Only if you do something silly like serve cookies on that domain
comesee
on July 5, 2018
|
root
|
parent
[–]
I think this is ignoring the content of his warning and is a tautology.
"it's only opens up an attack if you allow the attack vector"
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: