Episode 28: Surfin' with CSRFs
Critical Thinking - Bug Bounty Podcast
00:00
The Caveat to JavaScript Bridges
I wouldn't really call that a C surf so much as an abusive intended functionality. Because it's not like blockable. Maybe that's my like web brain trying to apply it to mobile. But I am a little disappointed though, because I definitely wanted there to be carff cross app requests for a tree. Like I feel like carff. We could we could just like make that a moment? That kind of exists too.
Play episode from 04:29
Transcript
