Closed weizman closed 1 year ago
CTX https://github.com/LavaMoat/snow/issues/129#issuecomment-1640046142
Fix: xss challenge page counts on the ability to run javascript: code, but the new demo app does not allow unsafe-inline so i had to come up with different tricks for the demo app to work.
javascript:
unsafe-inline
CTX https://github.com/LavaMoat/snow/issues/129#issuecomment-1640046142
Fix: xss challenge page counts on the ability to run
javascript:
code, but the new demo app does not allowunsafe-inline
so i had to come up with different tricks for the demo app to work.