Nicholas Jitkoff
Nicholas Jitkoff
You cannot use url parameters for this (since it has to be in the fragment), but you CAN have default values within an html form that you put here. So...
So.... this *should* work now. give it a try?
oh, note, it should be: echo -n 'hello world' | gzip -9 | openssl enc -aes-256-cbc | base64 | xargs -0 printf "https://itty.bitty.app/#/data:text/plain;cipher=aes;gzip64,%s\n" It needs the hashtag
How would you like to see them done? (Show an example?)
This is odd - I'm able to replicate it in firefox/ios - what others have you seen it happen in?
Or wrap the whole thing in a pre tag
How would you imagine this working (could you provide some basic syntax you would hope to see?)
I'm going to keep this issue open indefinitely, as I'm curious about best practices here. I've created an itty site as a reference [http://xss.bitty.site/](http://xss.bitty.site/) Inlining the content below - note...
@topaz Great idea. I've added them. I was a bit worried about same-origin, particularly in IE, and this makes me feel much better. Thank you!
Hmm. Interesting. And the sub domain isolation means it could be rendered as a true page instead of as a sandboxed iframe. As of right now, local storage and cookies...