|
|
|
|
|
|
by scriby
4898 days ago
|
|
|
I don't think the attack as described would work in practice, because the modified javascript file would no longer be valid javascript and would just break the site. I think you'd have to both create a file that passed the hash check and was valid javascript, which seems somewhat more difficult. |
|
|