|
|
|
|
|
|
by torgard
966 days ago
|
|
|
I should say, doing this only mitigates the middle-click-paste pastejack exploit. The underlying issue - JAVASCRIPT CAN ALTER WHAT YOU HAVE SELECTED AT WILL AND WITHOUT DETECTION - remains, and I believe we'll see other exploits pop up from this. Say you're about to copy a crypto wallet. You have it selected, and are about to press CTRL-C to copy it. It is entirely possible for malicious code to detect that. And, as it turns out, it's possible for it to change the selection to a different (invisible) string, right as you press CTRL-C. |
|
|