@Shamar @[email protected] @mala @Shamar @[email protected]
<< If you can programmatically modify the #DOM and trigger a #DOMEvent, you can send any #HTTP request you want anywhere. >>
This is what you need to be saying next time you try to talk about this.
This is the headline.
@natecull @popefucker @mala @Shamar @rain
The #attack I proposed do not use #XmlHTTPRequest.
If you can programmatically modify the #DOM and trigger a #DOMEvent, you can send any #HTTP request you want anywhere.
Disabling JavaScript BY DEFAULT do not turn of the #Web. That's what a lot of people say, but did you tried?
You didn't.
Most of it work fine.
Even #StackOverflow, #Medium, #GitHub and #GMail (!!!) work like a charm.
1/
Nate Cull (.social)
Shamar