Is It Safe to Host HTML That Runs Its Own JavaScript?
3 hours ago
- #sandboxing
- #web-hosting
- #security
- ShareMyPage hosts arbitrary HTML and JavaScript without sanitization.
- Pages run in a sandboxed iframe with a null origin, blocking cookie and storage access.
- Content is served from a separate, cookieless origin with no session data.
- Multiple security layers ensure no single point of failure.
- Isolation protects users and the platform from malicious code, but does not address content moderation.