AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Is tampermonkey safe9/3/2023 ![]() If the script uses unsafeWindow in just the right (wrong) way, a page can detect that and even hijack (slightly) elevated privileges. Similarly, a site can AJAX-back any or all of the content of a page and compare that to expected values.Įxtra AJAX calls, or AJAX calls that don't meet hidden requirements can be noted (and allowed to appear to succeed). Gaming or auction sites can monitor the timing (speed and regularity) of "bid" clicks.Ī site can AJAX-back the count of say, nodes, looking for extras. Some methods, depending on what the script does (in no particular order): (Then again, some webmasters can be obsessive-paranoids about such things. This is not foolproof and usually is way too much trouble for the negligible "threat" to the site. Yes, in theory, a site can deduce the presence of scripts in various situations.
0 Comments
Read More
Leave a Reply. |