Alexey Sotskov
Jun 18 · 1 min read

Hei! Nice catch! I like it!

But as I don’t save anything in DB and do not provide permanent links, it’s a completely stateless app — how can you damage anyone but yourself? Do you have an example of possible damage use case and why do you think it’s still an issue I should fix?

I didn’t pay attention to JS/HTML injection because of stateless nature of the app.

Thank you!

    Alexey Sotskov

    Written by

    10+ years in Quality Assurance. I write about practical and effective techniques that help me and my colleagues in everyday software testing.