|
|
|
|
|
|
by jitl
888 days ago
|
|
|
In that case, the preview system would do (eg) GET https://example.com/private/page, but get a 401 Unauthorized response back, and have none of the page content or execute any of the scripts inlucded in that /private/page: > * That somehow had the page content from a user > * Would render and execute all scripts on that page as if it was that user |
|
|