808.html is a single self-contained index.html with no backend of its own.
The only network call it makes is to a small Cloudflare Worker that stores
shared beats under short codes so a link can stay tiny.
Please report security issues privately rather than opening a public issue.
- Preferred: GitHub's private "Report a vulnerability" form under this repo's Security tab.
- Or email mullinsben@gmail.com.
I'll try to acknowledge within a few days. Please include steps to reproduce and, where relevant, the browser and platform you saw it on.
In scope: the app (index.html) and the shared-beat short-code service.
Out of scope: findings that require a modified browser, physical device access, or social engineering.