你即將離開本站

並前往https://news.ycombinator.com/item?id=24703230

DOMPurify bypass: XSS via HTML namespace confusion

Unfortunately, even HN itself uses a script-src with unsafe-inline, and it allows everything on cloudfare's CDN.

確定! 回上一頁

查詢 「DOMPurify cdn」的人也找了:

  1. DOMPurify
    2.
  2. Npm dompurify
    3.
  3. Html2pdf
    4.
  4. jsPDF documentation
    5.
  5. Dompurify cdn
    6.
  6. jsPDF could not load html2canvas
    7.