You’re a service like Vercel. You prompt users for a project name my-project then deploy that project to my-project.vercel.app. Great. Then a malicious user provides you with a project named my-project.com#. Now vercel sanitizes their inputs so this doesn’t happen, but if you didn’t then the url that would be generated would be my-project.com#.vercel.com and #.vercel.com is a url hash, which never gets sent to the server. The location object would look like this:
Location {
"hash": "#.vercel.com",
"domain": "my-project.com"
}Now, this isn’t terrible, but if vercel also used the generated url & domain internally, theres a chance that it could be sending requests with environment variables… just like what happened with Web Dev Cody here: This is why you can’t blindly use AI.