In the DOM We Trust: The Hidden Dangers of Reading the DOM on the Web [pdf] (trouge.net) 1 points by ArneVogel 6mo ago ↗ HN
[–] ggm 6mo ago ↗ As a neophyte, I failed to see them demonstrate injection. They seem to model what injection would mean, but not show how the threat actor got into the flow.Probably for non neophytes who this is aimed at, that's a given.
1 comment
[ 2.0 ms ] story [ 20.1 ms ] threadProbably for non neophytes who this is aimed at, that's a given.