Y
Hacker News
new
|
ask
|
show
|
jobs
by
onezerozeroone
4407 days ago
Yeah, but you're going to see a <form> that POSTs to some target URL, with username and password as fields. The only thing protecting the plaintext password from leaking is SSL. POSTing a XmlHttpRequest is equivalent.