Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
febusravenga
6 months ago
|
parent
|
context
|
favorite
| on:
RCE Vulnerability in React and Next.js
Half of web map solutions rely on workers, which can't be easily loaded from 3rd party origins, so are loaded as blobs. loading worker from blob is effectively an eval.
__alexs
6 months ago
|
prev
[–]
The client sort of exists to have code injected into it though?
jacquesm
6 months ago
|
parent
[–]
If you want to describe text mark-up as programming, then yes. But most people do not do that.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
