Open MaxNiftyNine opened 8 months ago
What are you expecting the solution to be here? If you're introducing a MITM that can alter content, I'm not sure there's much the application can do to protect against it. We already sanitize the content when it gets to our servers.
Is it possible to scan the text for a string like "
Summary:
Using an HTTPS proxy, you can send an XSS (kinda) in a discussions page using
Steps to reproduce:
Expected behavior:
This not working
Actual behavior:
This working
Additional notes: