Given that this site is not hosted on a domain where you have important session ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Uehreka on Nov 5, 2018 | parent | context | favorite | on: Stacksort – Searches StackOverflow for sorting fun...

Given that this site is not hosted on a domain where you have important session cookies (or where you’ve granted permissions like camera or location usage) I don’t see much problem with eval-ing untrusted code. Most of the common XSS threats just don’t apply here.

astrodust on Nov 5, 2018 [–]

It's all fun and games until the next JavaScript sandbox busting zero day drops.

kpcyrd on Nov 5, 2018 | [–]

If I had that kind of exploit I surely wouldn't post it on stackoverflow.

jsmith99 on Nov 5, 2018 | | [–]

Why not? They even have a tag for it

https://stackoverflow.com/questions/tagged/exploit

crystaln on Nov 5, 2018 | | [–]

Maybe someone should create a site like this that runs all security exploits on SO in your browser.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact