Hacker News new | ask | show | jobs
by batiste 4841 days ago
If your only goal is to send the user to a malicious page with a payload then you don't need any user action.

Just do: document.location.href = "http://malware.com;

And you are done.
1 comments
bilawal 4841 days ago
Heck, if you're going to do that.. you don't even need JavaScript.

<meta http-equiv="refresh" content="0; url=http://malware.com />

link