|
|
|
|
|
|
by CydeWeys
1098 days ago
|
|
|
This so-called attack is also not as effective in most contexts as the simple <a href="https://evilsite.com">https://goodsite.com</a> trick. Raw URLs in web pages don't get auto-linkified anyway, so something is turning it into a link (e.g. through use of HTML), and at that point you can have the link text and the URL be whatever you want, completely independently of each other. |
|
|