Leak Lookbook

Passwords are safely inaccessible to 3rd party JavaScript vendors due to use of an invisible iframe leveraging cross-origin isolation (CORS).

Security and authentication related data must not be visible to any 3rd party vendor, particularily session replay.

Because the user has marked the gist as secr4et, the contents should not be accessible to any 3rd party vendor.