Playproject website
playproject-io / playproject-io.github.io Goto Github PK
View Code? Open in Web Editor NEWplayproject website
Home Page: https://playproject.io
License: MIT License
playproject website
Home Page: https://playproject.io
License: MIT License
Playproject website
@todo
@todo
@todo
supply tree
of package manager
regarding uninstallable packages?
codingame
or packman
be listed?image gallery
? and downloads 1000 pictures - will they show up like that?about
import/export/copy/paste package manager addresses + settings
@todo
reading materials:
Just got this email
Hi team,
While performing security testing of your website i have found the vulnerability called Clickjacking.
Many URLS are in scope and vulnerable to Clickjacking.
What is Clickjacking ?
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.
The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a or <iframe>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.
This vulnerability affects Web Server.
Steps to Reproduce / POC
Vulnerable Urls:https://playproject.io/
Put every above url one by one in the code of iframe, which is given below
<!DOCTYPE html>
<html>
<body>
<h1>The iframe element</h1>
<iframe src="https://playproject.io/">
<p>Your browser does not support iframes.</p>
</iframe>
</body>
</html>
By hasan khan
hasankhan222424@gmail. Com
Notice that site is visible in the Iframe
POC is in the attachments. Thanks, waiting for your response.
Impact
Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker
@todo
@later
contact
item to scroll to the bottom of the pagecontact: '...'
or website: '...'
instead of contact: { website, github, twitter}
@todo
"our team"
to contributors
playproject-io.github.io#13
clickjacking protection misconfigurationplayproject.github.io#15
update avatar links on playproject@later
playproject-io.github.io#9
website improvementsplayproject-io.github.io#4
add social media preview (twitter, facebook, ...)playproject-io.github.io#6
Translation issueplayproject-io.github.io#7
Browser support listplayproject-io.github.io#1
org-page concept & updatesplayproject-io.github.io#2
Play brand book / design guideplayproject-io.github.io#3
add custom domain@todo
org-page#4
: add social media preview (twitter, facebook, ...)
Link http://play.ethereum.org/ to https://playproject-io.github.io/
see: https://github.com/ethereum/devops/issues/111
more resources
theme_widget
@output
π¦ theme_widget_v0.0.1 from commenttheme_widget_v0.0.1
@output
π¦ theme_widget_v0.0.1 from commentindex.js
cleanup@output
π¦ theme_widget_v0.0.2 from commenttheme_widget_v0.0.2
@input
π¦ theme_widget_v0.0.2 from comment@output
π¦ theme_widget_v0.0.3 from commenttheme_widget_v0.0.3
@input
π¦ theme_widget_v0.0.3 from comment@output
π¦ theme_widget_v0.0.4 from comment@input
π¦ playproject_old@output
π¦ playproject_v0.0.1 from commentplayproject_v0.0.1
@input
π¦ playproject_v0.0.1 from commentour_contributors.js
@output
π¦ playproject_v0.0.2 from commentplayproject_v0.0.2
@input
π¦ playproject_v0.0.2 from commentsupporters.js
@output
π¦ playproject_v0.0.3 from commentplayproject_v0.0.3
@input
π¦ playproject_v0.0.3 from comment@output
π¦ playproject_v0.0.4 from commentTODO
@todo
TODO
@todo
@input
π¦
comment
@input
π¦
output
: π¦ wizard-amigos Island v2 from comment@input
π¦ playproject.io@input
π¦ playproject.io@input
π¦ playproject.io@output
π¦ playproject-night theme v1 from comment
@input
π¦ playproject.io@ouput
π¦ team islands from comment
@input
π¦ playproject.io@input
π¦ data-shell server@output
π¦ data-shell v1 from comment
@output
π¦ data-shell v2 from comment
@todo
brand
repository with official statement about
@todo
e.g. https://playproject-io.github.io/?lang=<value>
where <value>
can be en
or de
or zh
or zh-tw
? ...etc...
const params = new URL(location.href).searchParams
const lang = params.get('lang')
console.log(lang) // e.g. => "en"
;(async filepath => {
const json = await fetch(filepath).then(response => response.text())
console.log(json)
})(new URL(`data.${lang}.json`, location.href).href)
// make english default
// => remove param if it's english
const params = new URL(location.href).searchParams
if (params.get('lang') === 'en') {
params.delete('lang')
location.search = params
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.