DEV Community

Discussion on: Homographs, Attack!

sebastianpoccnn profile image

My Mozilla shows me the link behind any clickable text. Your argument is invalid. It shows me the false one. Nice article otherwise.

cybolic profile image
Christian Dannie Storgaard

Sure, it shows it on links, but what about a redirect during a checkout process? If an injected script could change a redirect to paypal to actually go to a homograph'ed domain instead, it would be quite hard to spot.