CrunkLord420 on Nostr: Alex Gleason the javascript might come from the same domain, but exfiltration of the ...
Alex Gleason (npub108p…yev6) the javascript might come from the same domain, but exfiltration of the authentication token requires you to submit it to a third party server, correct? Unless you inject a script to exfiltrate the data over ActivityPub itself.
Published at
2023-05-26 19:33:00Event JSON
{
"id": "635a5bfae06493f805e798505f61abe3b3a8fe7fa948283f1c55332fdb72c233",
"pubkey": "69808a64d278bd244dc36492a5165ec02ec07af76fe38bbd2811b0a84fe1be17",
"created_at": 1685129580,
"kind": 1,
"tags": [
[
"p",
"79c2cae114ea28a981e7559b4fe7854a473521a8d22a66bbab9fa248eb820ff6",
"wss://relay.mostr.pub"
],
[
"e",
"18fabda962884bc36846d97288e5ee2e65e51d6fa5b20405aea00e96d532de4f",
"wss://relay.mostr.pub",
"reply"
],
[
"mostr",
"https://rdrama.cc/objects/6c586d6e-f67c-4ae9-8b3c-d1a38e37e44c"
]
],
"content": "nostr:npub108pv4cg5ag52nq082kd5leu9ffrn2gdg6g4xdwatn73y36uzplmq9uyev6 the javascript might come from the same domain, but exfiltration of the authentication token requires you to submit it to a third party server, correct? Unless you inject a script to exfiltrate the data over ActivityPub itself.",
"sig": "a035dbcdf076c12c76a65bde1a700a4222f9ea8afd362eb6e32bbc28720fbdca0a44181215a2d5e19c800720329ac1ea7d670e35fd9317829b3b3c226796197f"
}
