|
|
|
|
|
|
by graypegg
1256 days ago
|
|
|
That screenshot possibly becomes outdated the second after it’s snapped. This seems to be able to store session data from the user that took the screenshot, and will happily allow anyone access to view it. The example video shows him taking a screenshot of an Amplitude dashboard using a browser plug-in. Thinking about how that’s possible, it must be skimming the session cookie off the browser, and using it to request the same page on Plus’s side to generate an image. You can imagine how that might be compromising. Edit: you log in within the plus web app itself, which feels a little better. Still no totally secure way to do this but seems really useful. |
|
|