Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
alcover
on Feb 10, 2022
|
parent
|
context
|
favorite
| on:
Web hacking techniques of 2021
> textContent = response
Good question (that none of the replies seem to address). That is exactly what I would do if rendering 'tainted' text.
Can someone please tell us how it could be defeated ?
tgsovlerkhgsel
on Feb 11, 2022
[–]
This should be safe.
trulyme
on Feb 13, 2022
|
parent
[–]
...unless it is a text that the attacker shows to another user, in which case they can trick this user to perform some action (send cryptocurrency,...).
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Can someone please tell us how it could be defeated ?