Hacker News
by gojomo 5232 days ago
Doesn't seem nefarious.

That's why it's a brilliant piece of passive-aggressive engineering!

It undermines both the letter and intent of P3P, while ostensibly informing the user. The exact same string is a lie to the protocol, but the truth when read by a person outside of the protocol-context!

It's kind of like a file that's both a legal and harmless GIF and a malicious executable Java JAR. (Look up [GIFAR vulnerability] for more details.)