Is Twitter allowing arbitrary code execution on their platform? (twitter.com) 4 points by Payus 3y ago ↗ HN
[–] Payus 3y ago ↗ Apart from how cool it looks, isn't this a huge safety concern? [–] KMnO4 3y ago ↗ No, frames predate the modern internet. Actually, one of the very first CVEs was related to XSS and birthed cross-origin policies.Pretty much every exploit related to embedding third party code in a frame has long been closed.
[–] KMnO4 3y ago ↗ No, frames predate the modern internet. Actually, one of the very first CVEs was related to XSS and birthed cross-origin policies.Pretty much every exploit related to embedding third party code in a frame has long been closed.
[–] NaughtyShiba 3y ago ↗ Seems to be normal from mobile - that game opens in new tab [–] petee 3y ago ↗ For me, using Opera on Android 12 it opens within the tweet, not a separate tab
6 comments
[ 2.8 ms ] story [ 21.8 ms ] threadPretty much every exploit related to embedding third party code in a frame has long been closed.