Security analysis of <portal> element

Portal is a fairly new HTML element that is currently supported only in Chrome Canary behind the #enable-portals flag. Their main objective is to enable seamless transitions to the web by pre-rendering content in an iframe-like element that can be then “promoted” (activated) to a top-level frame. In this article we focus of security analysis thereof.

Another XSS in Google Colaboratory

Three months ago I described XSS which I found in Google Colaboratory. Before you start reading this article, I recommend you go back to the previous one first, because I am going to develop the topic which started there. In a nutshell, however, what previously happened: I was looking for XSS in Google Colaboratory (an …