[Greasemonkey] Greasemonkey and Phishing
Premshree Pillai
premshree.pillai at gmail.com
Fri May 13 23:08:32 EDT 2005
Hi,
Is there a way to compare a page's original DOM and the one generated
after a userscript is run?
To give more context, this is in relation to one of the comments [1]
to a recent post of mine [2]. Quoting:
"GreaseMonkey throws up an interesting issue: What if there are GM
scripts that phish for information, and a user unwittingly installs an
extension that acts as a phishing script? Should browsers start
supporting a CRC/MD5 check logo (like the ssl lock icon) to certify
that the client and server-side copies of a page are the same and
unaltered? Just curious...."
Very valid possibility, isn't it? Is there some way to know if the DOM
(or the content) of a page being displayed is exactly what is supposed
to be displayed?
Thanks.
[1] http://www.livejournal.com/users/premshree/71511.html
[2] http://www.livejournal.com/users/premshree/71511.html?thread=642903#t642903
--
Premshree Pillai
http://www.livejournal.com/users/premshree/
More information about the Greasemonkey
mailing list