Hacker News new | comments | show | ask | jobs | submit login

> There are a lot of bold claims here, but "automated XSS protection" smells the fishiest to me.

I'll detail the mechanism in some other blog post, but it's actually very simple. In the meantime, let me suggest something: go and connect to the chat and attempt to XSS us :)

You have my word that the online chat is exactly the same one as the source code that we have made available. And you can check that there is not one single line of code for XSS.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact