hodlbod on Nostr: I'd like to learn more about this. Both Coracle and Primal apparently showed a red ...
I'd like to learn more about this. Both Coracle and Primal apparently showed a red warning page to some users because of nos.re. I'm not sure how it was triggered, whether by a link href, image src, background image src, or something else, but I want to be sure Coracle doesn't have any injection vulnerabilities. I've audited the code and don't see anything suspicious, just want to be extra sure.
note19j3s8vg2q06nkxpd4xpdxhupl3a2mvr0pw8az7hf29kam2hcp2jqswpfqr
note1p566r9j6jhlzj83kxyha8dlka7lv6evaaglpedrlp8s0va7f8tmq32xelr
Published at
2023-06-28 19:39:30Event JSON
{
"id": "428c5a943234162936e8f1f93270b368b9979936495c3b369b8277b139e9ea89",
"pubkey": "97c70a44366a6535c145b333f973ea86dfdc2d7a99da618c40c64705ad98e322",
"created_at": 1687981170,
"kind": 1,
"tags": [
[
"p",
"bbb249562b429ad42ec344e54a61888b7c04e2c6084dab13963c43c05ac205f0",
"",
"NOS.RE"
],
[
"e",
"2efdbb4385b009f75e140cf0fe2dee93682a1db73259ac76c86a3cdcdbb15c48",
"wss://relay.nostr.band",
"root"
],
[
"e",
"2ca303b10a03f53b182da982d35f81fc7aadb06f0b8fd17ae9516dddaaf80aa4",
"",
"mention"
],
[
"e",
"0d35a1965a95fe291e36312fd3b7f6efbecd659dea3e1cb47f09e0f677c93af6",
"",
"mention"
],
[
"client",
"coracle"
]
],
"content": "I'd like to learn more about this. Both Coracle and Primal apparently showed a red warning page to some users because of nos.re. I'm not sure how it was triggered, whether by a link href, image src, background image src, or something else, but I want to be sure Coracle doesn't have any injection vulnerabilities. I've audited the code and don't see anything suspicious, just want to be extra sure.\n\nnote19j3s8vg2q06nkxpd4xpdxhupl3a2mvr0pw8az7hf29kam2hcp2jqswpfqr\nnote1p566r9j6jhlzj83kxyha8dlka7lv6evaaglpedrlp8s0va7f8tmq32xelr",
"sig": "6040b5a4fbd69c100498bcb8a1d814fdd416dade40c4f2eaf4ed8591f27db57090189e548aad7eb6374e67da47f43755c0c7a9e6f8e9d2335935af61c09c3830"
}
