discourse-ai

History

David Taylor b10be23533 FIX: Ensure artifacts are sandboxed, even when visited directly (#921 ) It's important that artifacts are never given 'same origin' access to the forum domain, so that they cannot access cookies, or make authenticated HTTP requests. So even when visiting the URL directly, we need to wrap them in a sandboxed iframe.	2024-11-19 11:44:17 +00:00
..
discourse_ai	FIX: Ensure artifacts are sandboxed, even when visited directly (#921 )	2024-11-19 11:44:17 +00:00

FIX: Ensure artifacts are sandboxed, even when visited directly (#921 )

It's important that artifacts are never given 'same origin' access to the forum domain, so that they cannot access cookies, or make authenticated HTTP requests. So even when visiting the URL directly, we need to wrap them in a sandboxed iframe.

2024-11-19 11:44:17 +00:00

discourse_ai

FIX: Ensure artifacts are sandboxed, even when visited directly (#921 )

2024-11-19 11:44:17 +00:00