Skip to main contentGo back to the homepage

I am Fernando van Loenhout
A Full stack developer!


Tag typescript


How I found a TypeScript public playground XSS exploit

This article has been posted under the following categories: blog, security, xss and typescript

In 2021, I was playing around with the online TypeScript sandbox, when I discovered a weird issue. When trying to write XML to the terminal, it instead of showing me the string representation, it was actually executing it.

While it makes sense for a code sandbox to execute the code you input, it is important it stays within the sandbox, as the sandbox has the proper restrictions put on the javascript environment, which includes blocking cookie access and fetch access at a minium.

The exploit



Creating a breakout game

This article has been posted under the following categories: tech-demo, typescript and from-scratch

View result of this coding project

Creating small Javascript games is a great way to learn coding. As part of learning, I developed a breakout game. This game features a level selection screen, which generates levels based on some math.

This game used the module pattern to connect all the components together.


  • Pause screen using the escape key
  • Hidden AI activated using the developer console
  • Hidden powerups activates used the developer console
  • Uses…