|
|
|
|
|
|
by jaggederest
80 days ago
|
|
|
They often do actually ignore truly hidden fields (input type=hidden) but if you put them "behind" an element with css, or extremely small but still rendered, many get caught. It's similar to the cheeky prompt injection attacks people did/do against LLMs. |
|
|