You must log in or register to comment.
that’s really concerning because it bypasses a browser password manager security measure. Since the domain is the same but the server ip and the server’s https certificate chain is different, a poorly written password manager may auto-login or automatically send cookies to a website owned by a completely different entity on the same domain name. Big security flaw in domain name trust?
One of these days, they’re gonna seize this instance with no warning.
Who and why they should seize it, all we’re doing is discussion, we’re doing nothing wrong.
Discussion can be made illegal. Thought crime is a real thing.
