> You can simply relay the requests to the original site/"webapp", no need to bu... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Jensson on Nov 2, 2023 | parent | context | favorite | on: Last Chance to fix eIDAS: Secret EU law threatens ...

> You can simply relay the requests to the original site/"webapp", no need to build one similar

Doesn't work if the app encrypts messages locally, so end to end encryption is still valid with this.

g-b-r on Nov 2, 2023 [–]

We're talking about normal browsing, not webapps performing their encryption

isilofi on Nov 2, 2023 | [–]

Webapps are also vulnerable because the Javascript can be manipulated in a MitM attack.

The only way around this would be a "real" app.

g-b-r on Nov 2, 2023 | | [–]

True

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact