[paulgb]

> My biggest concern with an online service is privacy

In this case it's all run client-side. You're still trusting that the code you're served wasn't maliciously replaced, but if you want to be careful you could run it in an incognito tab and temporarily disable your internet connection.

[krossitalk]

How would you download the payload without an internet connection?

Let's presume it is malicious, and the mere act of downloading the WASM starts an injection.

[paulgb]

Ah, I was ambiguous about that, but I mean these steps:

1. load the site in an incognito tab

2. disable internet

3. run the conversion and download the result

4. close the incognito tab

5. re-connect the internet

[kevin_nisbet]

While this may work for unsophisticated attacks, wouldn't it still be possible for a more sophisticated adversary to do something more like store the document in browser local storage, and then later with internet access to post the contents?

I haven't spent a huge amount of time in the browser security space, but I do think there is quite alot of surface area if you give the browser session sensitive data.

[paulgb]

If you are using an incognito tab, anything in local storage, cookies, even caches should go away. I am not 100% up on the details but I believe modern browsers are pretty strict about isolating incognito state.

You're right though in general, that's why the incognito tab is important.

[jonny_eh]

This is correct, but you need to close ALL incognito tabs for storage to get wiped, not just the tab you loaded the site in.

[YPPH]

I mean, I considered this implied within the suggestion of using incognito mode.

In any event, it's an unrealistic attack vector. No bad actor is going to target 0.1% of edge cases when you could get enough damaging information from people who do not go through this process and remain connected to the internet.

[lxgr]

That depends on the browser, I believe.

[illiac786]

Did you try this? Does not work with FF 99 in a private tab on macOS 12, at least for me. It stays stuck at "Rendering finished, waiting for processing".

[achn]

Are there browser extensions that simply disable all future requests from being sent from the immediate tab?

[paulgb]

It's possible for an extension to intercept and block requests, but as Kevin mentions in your sibling comment, it's not enough because they could write data to local storage and then read it later when you're back online if you ever visited that domain again. An extension would have to cover a lot of bases to ensure that data couldn't leak, and I wouldn't trust one to cover them all.

[jannes]

In Chrome dev tools you can set the network throttling to "Offline".

In Firefox this is not possible (per tab), but at least you can set the entire browser to offline mode by clicking "File -> Work Offline"

[jonny_eh]

In Chrome, open the Inspector, go to "Netork", then in the dropdown that says "No throttling" choose "offline".