Open danny-avila opened 3 months ago
Hi @ozgrozer 👋
Great job on this. I've been working on something similar but found the choice to use iframe not very sensitive to security.
Any thoughts on how the current code could mitigate XSS?
In a more "nefarious" example, and just through prompting, I can "override" the entire app.
Try this commit. It should prevent XSS.