|
|
|
|
|
|
by joev_
3754 days ago
|
|
|
I mucked with this a while back. You can dump all your passwords over the websocket pretty easily (provided your 1password is unlocked): https://gist.github.com/joevennix/438782cbe447e86f2506 It would be more interesting if an arbitrary website could do this, but they prevent that attack by checking the Origin header on the initial websocket request. |
|
|