xray vision is one of the stupidest things to have to account for in webdev. yeah i guess it makes sense why you can't XHR something from the api and use it to set a property in a script running in a slightly less privileged context but a) the content script in question already HAS enough same-origin privilege to access authorized api methods and b) it rarely ever matters because if you aren't setting object properties directly from the xrayed object you can do literally anything you want with it
dragongirl funky fresh
april et al, several flavors of therian (plural edition)
engineer in training by day, furry artist and "web developer" also by day
adult, occasionally nsfw on main
💜@dragongirlcloaca💜
💜@8akesale💜
avatar by karvakera
my website
starlight-symposium.neocities.org/chost in style
addons.mozilla.org/en-US/firefox/addon/chutils/find me elsewhere
floofy.tech/@starlightYou must log in to comment.