- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sat, 3 Dec 2016 08:26:12 +0100
- To: "public-browserext@w3.org" <public-browserext@w3.org>
Since native applications are not securely tied to invoking Web pages, it appears that this concept is susceptible to phishing. One may argue that Native Messaging isn't callable by Web pages but that's incorrect [1], and it is probably the #1 use-case as well. I believe the same problem is valid for the URL schemes used in Android as well. Anders 1] it just takes some ingenuity: https://github.com/cyberphone/web2native-bridge/tree/master/extension/release
Received on Saturday, 3 December 2016 07:27:08 UTC