ššššššššš on Nostr: The issue with web apps is that they usually put the private key into local storage. ...
The issue with web apps is that they usually put the private key into local storage. From there it can potentially be stolen with an XSS attack
Published at
2023-01-16 22:31:49Event JSON
{
"id": "480d5f891a08e79449ce062e0c16830a92f8699a44b0f259a256d6cfb98c62bd",
"pubkey": "3d2091ddcad4e092cf0ea074a5554a9bd2af231b555238bc8caf333bda581a97",
"created_at": 1673908309,
"kind": 1,
"tags": [
[
"e",
"10a34b314acef30bbf88b38c28336fe8b9b4694bf5bca61cc138b89cca60644a",
"",
"root"
],
[
"e",
"2d4506e5f80a4317d508cc10d4e6e10d6eb430cb4be90990d33e689593978cdb",
"",
"reply"
],
[
"p",
"09e935f7c01fda340051a4700cfb9dde533202bdf56808f68cafef6bae07a5bd"
],
[
"p",
"a3eb29554bd27fca7f53f66272e4bb59d066f2f31708cf341540cb4729fbd841"
],
[
"p",
"cbf904c0702a361911c46d79379a6a502bc3bd0b4c56d25389e62d3ebf4a7db8"
],
[
"p",
"b17c59874dc05d7f6ec975bce04770c8b7fa9d37f3ad0096fdb76c9385d68928"
]
],
"content": "The issue with web apps is that they usually put the private key into local storage. From there it can potentially be stolen with an XSS attack",
"sig": "1d2ca4d79830d9e24d111626006d3eb51dd10bdba95b41187fe973c8997b2b6b13169dd64f09265275a6cd7f8d573ba27775e659bc4167d27ed904acb6dc1232"
}