Hacktoberfesthelp wantedsecurity
Métriques du dépôt
- Stars
- (8 949 stars)
- Métriques de merge PR
- (Aucune PR mergée en 30 j)
Description
If the source website has the script like this:
<script type="text/javascript">
if(window != top) {
top.location.href = location.href;
}
</script>
It may cause a open redirect issue on codimd.
I use www.plurk.com which has anti-clickjacking code to demo.
<iframe src="https://www.plurk.com/k1tten_">
Broswer verison:
Safari 11.0.2: triggered
Firefox Quantum 62.0 : triggered
Chrome 68.0.3440.106: not triggered