|
|
|
|
|
|
by nitrogen
2954 days ago
|
|
|
If a .js file is redirected to from a web page, with a Content-Disposition header marking it as a download, and (as is common) the browser downloads automatically to ~/Downloads, doesn't that leave the .js file in a predictable place that can then be used by an attack on Electron? |
|
|