← Back to context

Comment by jandrese

1 year ago

So if you install your own certificate authority and then spoof the DNS it might be possible? Not so useful as an attack vector, but potentially useful for people who want to do fun things with the browsers they own.

You can just expose the data to all sites with your own extension if you have access to the device.