Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://brotka.st/objects/1bcaf7c2-d0e7-42de-9e88-ee8d76607fe1">kaia (kaia@brotka.st)'s status on Friday, 31-Jan-2025 22:57:33 JST</a><a href="https://brotka.st/users/kaia" title="kaia@brotka.st"><img src="https://gnusocial.jp/avatar/1001-48-20220724170902.webp" width="48" height="48" alt="kaia" style="position: absolute; left: 0; top: 0;">kaia</a></section><article>friend showed me how to steal the auth token from the browser session storage, so I can use it against the REST API. interesting how one can just do that. a browser plugin could steal your session and it wouldn't even be visible to the user?</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4483855#notice-8778457">In conversation</a><time datetime="2025-01-31T22:57:33+09:00" title="Friday, 31-Jan-2025 22:57:33 JST">about a month ago</time> <span>from <span><a href="https://brotka.st/objects/1bcaf7c2-d0e7-42de-9e88-ee8d76607fe1" rel="external" title="Sent from brotka.st via ActivityPub">brotka.st</a></span></span><a href="https://brotka.st/objects/1bcaf7c2-d0e7-42de-9e88-ee8d76607fe1">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
kaia (kaia@brotka.st)'s status on Friday, 31-Jan-2025 22:57:33 JST kaia
friend showed me how to steal the auth token from the browser session storage, so I can use it against the REST API. interesting how one can just do that. a browser plugin could steal your session and it wouldn't even be visible to the user?
In conversationabout a month ago from brotka.stpermalink

Public

Embed Notice

HTML Code

Corresponding Notice