Hacker News new | ask | show | jobs
by venning 2929 days ago
I've always seen <base> as somewhat analogous to with in JavaScript, whose usage is strongly discouraged [1]. Recent exploits using <base> seem to confirm that a bit.

[1] https://developer.mozilla.org/en-US/docs/Web/JavaScript/Refe...