You already published the same comment under my post. 🤔 I just tested <script> together with alert() and tried to see which Hive frontends will execute the JS. 🤓
Do you mean the harmless <script>alert();</script> testing code I posted about 8 days ago before replacing it with a tiny white pixel 5 minutes after? 🤔
If someone wants to test for cross-site scripts, then they could just search for similar codes posted by others on the Hive blockchain without needing to publish a test post or comment. 🤔
What I did was just to see if some JS code can be prevented from executing by certain Hive frontends (especially D.Buzz) while editing the content. 🤔 Trying to edit a post or comment on those frontends is not possible unless you are logged in to the user's account. 🤓
Congratulations @savvytester! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :
You received more than 400 upvotes. Your next target is to reach 500 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking If you no longer want to receive notifications, reply to this comment with the wordSTOP
@savvytester Your post contains some text that could be a potential attempt to inject malicious code.
Investigation in progress..
More info: https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf
This message is self-voted to be more visible among others.
@keys-defender
You already published the same comment under my post. 🤔 I just tested
<script>together withalert()and tried to see which Hive frontends will execute the JS. 🤓!PIZZA
Yep, that's testing for XSS..
@savvytester Your post contains some text that could be a potential attempt to inject malicious code.
Investigation in progress..
More info: https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf
This message is self-voted to be more visible among others.
@keys-defender
Do you mean the harmless
<script>alert();</script>testing code I posted about 8 days ago before replacing it with a tiny white pixel 5 minutes after? 🤔!PIZZA
Yep.
Common way to test for XSS's to then exploit with a malicious script
If someone wants to test for cross-site scripts, then they could just search for similar codes posted by others on the Hive blockchain without needing to publish a test post or comment. 🤔
What I did was just to see if some JS code can be prevented from executing by certain Hive frontends (especially D.Buzz) while editing the content. 🤔 Trying to edit a post or comment on those frontends is not possible unless you are logged in to the user's account. 🤓
!PIZZA
Yep, understood.
By the way, check out my play-to-earn 3D game that is going to launch on Hive before the end of July:
@cryptoshots.nft
Hive NFTs -> https://hive.crypto-shots.com
@savvytester Your post contains some text that could be a potential attempt to inject malicious code.
Investigation in progress..
More info: https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf
This message is self-voted to be more visible among others.
@keys-defender
@savvytester Your post contains some text that could be a potential attempt to inject malicious code.
Investigation in progress..
More info: https://hive.blog/hive-139531/@keys-defender/new-feature-code-injections-attempts-detection-xss-sql-injections-csrf
This message is self-voted to be more visible among others.
@keys-defender
Congratulations @savvytester! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :
Your next target is to reach 500 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPPIZZA Holders sent $PIZZA tips in this post's comments:
@savvytester(2/5) tipped @keys-defender (x1)
Please vote for pizza.witness!
test comment
Test comment with link
https://peakd.com/@savvytester/cqqzsduf4scowblghxhu1v
Posted via D.Buzz