Merge pull request #7 from html-preview/privacy-warn

Add privacy warnings

Author: Rudxain

README.md

@@ -17,10 +17,17 @@ SPDX-License-Identifier: Apache-2.0
 Allows to render HTML files on git forges (like GitHub) in your browser,
 without cloning or downloading.
 
-**NOTE**
-Freely hosted [CORS][CORS] (Cross-origin resource sharing) proxies -
+> [!warning]
+> Freely hosted [CORS][CORS] (Cross-origin resource sharing) proxies -
 like the ones used by this script -
-are a potential security risc!
+are a potential **security risk!**
+
+> [!warning]
+> If a script stores sensitive data (as cookie, `localStorage`, etc...), then **other repos you open will also have access** to this data.
+> 
+> How to avoid risk:
+> - Don't input sensitive data while previewing
+> - Clear all site data after previewing a repo
 
 Currently supported git forges:
 

index.html

@@ -40,6 +40,12 @@
 <body>
 	<form id="previewform" onsubmit="location.href='/?url='+this.file.value;return false">
 		<h1>Git-Forge HTML Preview</h1>
+		<p>
+			<strong>⚠️ WARNING ⚠️</strong>
+			<br>
+			Please read
+			<a href="https://github.com/html-preview/html-preview.github.io/blob/d1478a9f702fb28f1295f371e3c87ba4f1b229c2/README.md">the warnings contained here</a>
+		</p>
 		<p>
 			Enter URL of the HTML file to preview:
 			<input type="url" id="file" value="" placeholder="e.g. https://github.com/user/repo/blob/master/index.html" size="60" autofocus>