Y
Hacker News
new
|
ask
|
show
|
jobs
by
cornishpixels
2240 days ago
The fragment is, at the very least, exposed to JavaScript. It's also has several problems which are explicitly called out (for the query string) in your own link: Shoulder surfing, cache, history