"AlpacaHack - May 12, 2026": Escaping the Sandboxed Iframe

This challenge was about an HTML preview service using an iframe. The author hopes the "sandbox" attribute is enough to prevent XSS.