4 Matching Annotations
- Feb 2021
But I’m afraid it’s perfectly possible to ship one version of your code to GitHub and a different version to npm.
The point is, just because you don’t see it, doesn’t mean it’s not happening. It’s been more than two years and as far as I know, no one has ever noticed one of my requests. Maybe it’s been in your site this whole time
Also the URL looks a lot like the 300 other requests to ad networks your site makes.
I’d notice the network requests going out!Where would you notice them? My code won’t send anything when the DevTools are open (yes even if un-docked).I call this the Heisenberg Manoeuvre: by trying to observe the behaviour of my code, you change the behaviour of my code.
- browser DevTools
- detecting security exploits
- just because you don’t see/notice it, doesn’t mean it’s not happening
- detecting security exploits: outgoing network traffic
- security exploits: avoiding detection