Earlier yesterday we were made aware of an issue about an XSS vulnerability on some JS Challenges.
We have fixed this in production.
As a side effect, the sharing code URLs from profile, and viewing solutions from profiles is disabled.
This is side effect is temporary and is already handled more elegantly in the beta.
We will soon be adding a more clear warning notice on the profile page, for clarification.
Note: none of the progress is lost, and all submitted solutions are safe in the userâs profiles, except we are temporarily limiting the ability to view and share them.
This only affects viewing solutions from user profiles, view solution link or any link that is shared to you.
Your solution will be loaded from a local storage copy, if its available there. Meaning, as long as you have not changed computers or cleared you local storage / cookies, your solution will be loaded automatically from there.
Update 2:
We have prepared a fix, and hopefully we will have this on the main site, soon. Just wanted to let you know of our progress:
Update 3:
We have patched the platform to enable viewing solutions once again. Happy coding!
Could you also test is out with @JacksonBates and confirm how it can be integrated on the production? If possible layout a action plan, we will be happy to integrate it on our core platform.
A simple POC and explanation on the tracker should be fine, we will work on a PR.
Any update on this, perhaps a timeline? I was hoping to pick FCC back up this week and noticed all my past solutions have vanished but I still have credit for solving. Iâm am hopeful that this issue is the cause.