Half of web map solutions rely on workers, which can't be easily loaded from 3rd... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		febusravenga 31 days ago \| parent \| context \| favorite \| on: RCE Vulnerability in React and Next.js Half of web map solutions rely on workers, which can't be easily loaded from 3rd party origins, so are loaded as blobs. loading worker from blob is effectively an eval.

__alexs 31 days ago [–]

The client sort of exists to have code injected into it though?

jacquesm 31 days ago | [–]

If you want to describe text mark-up as programming, then yes. But most people do not do that.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact