by laserbeam 1165 days ago
I specifically love how it's not just a call to numbers.com, rather a call to /api/curiosity on the site, but passing in a url to numbersapi.com as an argument to the request. So... Not only the call to numbers.com was hidden from the networking tab from casual onlookers, but I think the server will just download arbitrary content if we ask it to... And I could certainly load a random lipsum.com/feed/html. Since there's no call to that domain in my networking tab I assume their server does it. I won't be the person to include a link to a 400gb file there, but someone will.
2 comments

Thanks for pointing that out. Just fixed it.
You are right, terrible idea to pass the URL as an argument. Will fix that in 5 min.
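
The two problems raised in the top comment (the server fetching whatever URL the client passes, and an unbounded download), as an added example that is not part of any comment and not the site's code. The names `check_upstream`, `read_capped`, `Rejected` and the 64 KiB cap are assumptions; the allowlist holds only the host named in the thread.

```python
import io
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"numbersapi.com"}  # the one upstream named in the thread
MAX_BODY = 64 * 1024                # assumed cap; size it to real responses


class Rejected(ValueError):
    """The server must not fetch or relay this."""


def check_upstream(url: str) -> str:
    """Return url if it targets an allowlisted host over http(s), else raise."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError as exc:  # malformed authority or non-numeric port
        raise Rejected(str(exc)) from exc
    if parts.scheme not in ("http", "https"):
        raise Rejected(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise Rejected("userinfo not allowed")  # numbersapi.com@other.host
    host = (parts.hostname or "").rstrip(".")
    if host not in ALLOWED_HOSTS:
        raise Rejected(f"host not allowed: {host!r}")
    if port not in (None, 80, 443):
        raise Rejected(f"port not allowed: {port}")
    return url


def read_capped(stream, limit: int = MAX_BODY) -> bytes:
    """Read at most `limit` bytes; raise rather than buffer an oversized body."""
    chunks, total = [], 0
    while chunk := stream.read(8192):
        total += len(chunk)
        if total > limit:
            raise Rejected("upstream body exceeds cap")
        chunks.append(chunk)
    return b"".join(chunks)


if __name__ == "__main__":
    # Constructed inputs: the allowlisted API and the URL from the comment.
    for u in ("http://numbersapi.com/42", "http://lipsum.com/feed/html"):
        try:
            print("fetch", check_upstream(u))
        except Rejected as err:
            print("reject", u, "->", err)
    print(len(read_capped(io.BytesIO(b"42 is a constructed sample body."))))
```

The HTTP client that performs the fetch also has to refuse redirects or run each hop through `check_upstream`, otherwise an allowlisted host can bounce the request elsewhere.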