Y
Hacker News
new
|
ask
|
show
|
jobs
by
sunaden
1835 days ago
Thanks for the q (I work at Deepnote) - all outputs that can contain potentially malicious JS are sandboxed in iframes so they can only access their local context and can't be used e.g. for XSS attacks.