If you are subject to an XSS, the same domain policy already ensures that you're f'd. An XSS attack is the "root" or "ring 0" attack of the web.
Recent articles
- LLM 0.22, the annotated release notes - 17th February 2025
- Run LLMs on macOS using llm-mlx and Apple's MLX framework - 15th February 2025
- URL-addressable Pyodide Python environments - 13th February 2025