InfoQ

Pretext.js Bypasses DOM Layout Reflow, Enabling Advanced UX Patterns at 120 FPS

Cheng Lou, a Midjourney engineer, recently released Pretext, a 15KB open-source TypeScript library that measures and lays out text without browser layout reflows, enabling advanced UX/UI patterns like ...
GitHub

DOM型XSS高级利用的基本概念

DOM型XSS(Cross-Site Scripting)是一种基于客户端的安全漏洞,攻击者通过操纵页面的DOM(Document Object Model)结构来注入恶意脚本。与反射型和存储型XSS不同,DOM型XSS的漏洞点在于客户端JavaScript代码,而不是服务器端代码。攻击者通过修改URL参数或其他用户输入 ...