This page demonstrates what an attacker-controlled webpage can do when loaded through the same-origin proxy. Host this page externally, then preview it via the Knowledge Webpage Preview in desk.
1. Host this file on any public URL (e.g. GitHub Pages, Netlify, etc.)
2. In desk, add the URL as a Knowledge Webpage
3. Open the webpage preview drawer and click "See original" to load the proxied version
4. Click the attack buttons below — they run inside the same renderer process as desk
The Babel transform intercepts window.parent, but dynamic property access bypasses it entirely.
This reads the parent desk app's DOM and extracts sensitive data.
Same-origin means full access to cookies, localStorage, and sessionStorage of the desk app. Auth tokens, session IDs, and user preferences are all readable.
Since we share the same JS realm as the parent, we can monkey-patch globals
like fetch and XMLHttpRequest on the parent window
to intercept all API calls including auth headers.
Spectre requires high-resolution timers. This checks available timer sources
and whether SharedArrayBuffer is available (needed for the most
reliable Spectre timer). Same-process = same address space.
Attach a keydown listener to the parent document to capture all keystrokes in the desk app, including message composition, search queries, and credential inputs.