-
even just this line of code...
``acc = SteamId.from_steam_id('STEAM_0:0:16889404')``
gives me the following error...
``XML data could not be parsed: redirection forbidden: http://steamcommunity.com…
-
[Related to https://github.com/jupyterlab/jupyterlab/issues/13217]
This is mostly applicable to working in a notebook or lab environment, but I would like to be able to customize what happens when …
-
```javascript
setInterval(x=>xyz.alert(1337),0);
i=document.createElement('iframe');
i.name='xyz';
f=document.createElement('form');
b=document.createElement('button');
b.formTarget='xyz';
b.fo…
-
This is similar #142 but I use the Sanitizer API to inject the meta tag
```JavaScript
i=document.createElement('iframe');
i.src=123;
i.name='xyz';
counter=0;
i.onload=x=>{
i.contentDocument.b…
-
## PoC:
```js
// get the original ArrayIterator.prototype.next method
var next = [].values().__proto__.next;
// overwrite the method
[].values().__proto__.next = function(){
var x = next.c…
-
When checking if an inserter function contains shadow DOM, the code expects the argument to be a string (argument is added as `innerHTML` on a new `html` tag).
But many of the functions do not oper…
-
### Why
No matter how much we secure, server scripts will be vulnerable to edits since they directly live in the DB. Server Scripts are absolutely necessary, so we can't kill them either. Maybe we …
-
It is possible to enable access to `opener` in various ways, e.g. opening two popups and using `opener` attribute on snow to perform the following:
```js
// from: snow.playground
opener.location …
-
Could be the same underlying issue from: https://github.com/LavaMoat/snow/issues/141
```js
var x = document.createElement('iframe');
x.srcdoc = ``
document.body.appendChild(x);
setInterval(()=>…
-
#### What is the problem?
Awhile back we introduced `getpwd` with a hope to workaround the issue of `getcwd` dereferencing symlink'ed directories (actually IIRC not even knowing the symlinked path)…