by ycmbntrthrwaway 3261 days ago
As for the audit[1], how would HTML sanitization on the sender side protect the reader? On page 12 they suggest adding "HTML sanitization" in the onSendClick function. It is as lame as protecting against XSS with JavaScript. An attacker will simply remove this code and recompile the app.

[1] https://briarproject.org/raw/BRP-01-report.pdf