Hacker News new | ask | show | jobs
by sbarre 3298 days ago
It may get logged by the server but if it's designed to be parsed client-side, there may not be any server-side code examining or sanitizing that value before the SPA gets to it.