zlacker

[parent] [thread] 2 comments
1. teknop+(OP)[view] [source] 2020-11-29 00:54:07
https does not 100% prevent any of those things.
replies(1): >>charro+w2
2. charro+w2[view] [source] 2020-11-29 01:21:11
>>teknop+(OP)
How can someone spoof the page/inject ads if the site is served over https?

They would need to have compromised one of the root certificates on your machine to not give you a giant security warning.

In modern browsers there’s not even a button to bypass them (although I know I chrome you can type “this is unsafe” to a hidden input in the error page and it will let you bypass it temporarily).

replies(1): >>teknop+eX3
◧◩
3. teknop+eX3[view] [source] [discussion] 2020-11-30 18:32:36
>>charro+w2
MITM - https termination at a gateway or proxy.
[go to top]