From d1478a9f702fb28f1295f371e3c87ba4f1b229c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ricardo=20Fern=C3=A1ndez=20Serrata?= <76864299+Rudxain@users.noreply.github.com> Date: Sat, 2 Nov 2024 19:45:43 -0400 Subject: [PATCH 1/2] add privacy warning to `README.md` also minor edits --- README.md | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index c45570e..ecde1d7 100644 --- a/README.md +++ b/README.md @@ -17,10 +17,17 @@ SPDX-License-Identifier: Apache-2.0 Allows to render HTML files on git forges (like GitHub) in your browser, without cloning or downloading. -**NOTE** -Freely hosted [CORS][CORS] (Cross-origin resource sharing) proxies - +> [!warning] +> Freely hosted [CORS][CORS] (Cross-origin resource sharing) proxies - like the ones used by this script - -are a potential security risc! +are a potential **security risk!** + +> [!warning] +> If a script stores sensitive data (as cookie, `localStorage`, etc...), then **other repos you open will also have access** to this data. +> +> How to avoid risk: +> - Don't input sensitive data while previewing +> - Clear all site data after previewing a repo Currently supported git forges: From 56e9abf0c1df07c3b2fb53e62931de370dd3a806 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ricardo=20Fern=C3=A1ndez=20Serrata?= <76864299+Rudxain@users.noreply.github.com> Date: Sat, 2 Nov 2024 20:16:59 -0400 Subject: [PATCH 2/2] add warning to `index.html` --- index.html | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/index.html b/index.html index 17bd21d..c22dcda 100644 --- a/index.html +++ b/index.html @@ -40,6 +40,12 @@

Git-Forge HTML Preview

+

+ ⚠️ WARNING ⚠️ +
+ Please read + the warnings contained here +

Enter URL of the HTML file to preview: