by fragmede 516 days ago
That's a regular MitM attack, just with, specifically, Angular. If you can convince someone to go to malicious-bank.com and log into it with their real credentials, you've successfully phished them. If you go a step further and show them the real information from the real website, that's going a step further, but by then it's game over already.

If the attacker's already convinced you to give them your username/password (and 2fa), why bother showing the victim a fake (Angular) website?

A password manager/passkey/yubikey protects against this by checking that the url is bank.com and not malicious-bank.com, but unsophisticated users fall for this attack every day.

1 comments

A bit of a loss of context. Angular was mentioned in the context of how servers serve Angular apps: if, instead of serving index.html, the server would serve a whole different URL.

And my worries are mainly due to the solution I proposed (as a patent(!)) and later on abandoned.

I am wondering whether to invest my time, and furthermore additional money, in this.

Angular can't change the underlying domain name. Instead of http://example.com/index.html it can change to e.g. http://example.com/bank.com.html as the URL, but it'll still have "example.com".
Again, I haven’t yet tested it. But I’d like to hear what the community has to say, with relevance to that, about my direction with the solution I’d been working on.
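
Added example, not part of any comment in this thread: a small model of the two origin checks the comments rely on, the same-origin restriction on client-side URL rewriting and origin-bound credential autofill. The function names and the vault entry are hypothetical, and the matching is simplified to an exact scheme/host/port comparison.

```javascript
// Added illustration; hostnames are the thread's examples, function names are hypothetical.

// Models the browser rule for history.pushState()/replaceState(), which client-side
// routers use: the new URL must be same-origin with the current document.
function simulatePushState(currentUrl, target) {
  const current = new URL(currentUrl);
  const next = new URL(target, current); // relative targets resolve against the page
  if (next.origin !== current.origin) {
    throw new Error(`SecurityError: cannot rewrite ${current.origin} to ${next.origin}`);
  }
  return next.href;
}

// Models origin-bound autofill: a saved login is offered only when the page's
// origin equals the origin it was saved for (assumed simplification).
function credentialFor(pageUrl, vault) {
  const origin = new URL(pageUrl).origin;
  const entry = vault.find((e) => new URL(e.url).origin === origin);
  return entry ? entry.username : null;
}

// Constructed sample data.
const vault = [{ url: "https://bank.com/login", username: "alice" }];

// The path may contain "bank.com", but the origin stays example.com.
const rewritten = simulatePushState("http://example.com/index.html", "/bank.com.html");
console.log(rewritten, "->", credentialFor(rewritten, vault));
console.log("malicious-bank.com ->", credentialFor("https://malicious-bank.com/login", vault));
console.log("bank.com ->", credentialFor("https://bank.com/account", vault));
```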