In the DOM We Trust: The Hidden Dangers of Reading the DOM on the Web [pdf] (opens in new tab)

(trouge.net)

1 pointsArneVogel2mo ago1 comments

1 comments

ggm2mo ago

As a neophyte, I failed to see them demonstrate injection. They seem to model what injection would mean, but not show how the threat actor got into the flow.

Probably for non neophytes who this is aimed at, that's a given.

j / k navigate · click thread line to collapse

In the DOM We Trust: The Hidden Dangers of Reading the DOM on the Web [pdf] (opens in new tab)

(trouge.net)

1 pointsArneVogel2mo ago1 comments

1 comments

ggm2mo ago

As a neophyte, I failed to see them demonstrate injection. They seem to model what injection would mean, but not show how the threat actor got into the flow.

Probably for non neophytes who this is aimed at, that's a given.

j / k navigate · click thread line to collapse