| ▲ | ikekkdcjkfke 13 hours ago | |
And the reason we can’t put execution of non-declared code behind a permission is because one anal developer at chrome thinks that we shouldn’t break existing sites even though no serious site would do this and you could just show a permission popup with triangle exclamation mark | ||
| ▲ | londons_explore 3 hours ago | parent | next [-] | |
That's what's great about this - it is an interpreter which allows the attacker to do absolutely anything, but no non-declared code is directly run. | ||
| ▲ | johnebgd 11 hours ago | parent | prev [-] | |
Users have largely been trained to click okay when asked to give permission without thinking. | ||