Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
fjni
on July 9, 2024
|
parent
|
context
|
favorite
| on:
Google Chrome has an API accesible only from *.goo...
Wouldn't you be able to deploy an app script website, which is hosted on "script.google.com" and make use of this?
jhdifdhsak
on July 9, 2024
|
next
[–]
your code do not run from that domain at all.
rc_mob
on July 9, 2024
|
parent
|
next
[–]
it does if I hack your dns server :)
agartner
on July 9, 2024
|
root
|
parent
|
next
[–]
It seems most if not all google domains are HSTS preloaded so no you can't:
https://hstspreload.org/?domain=script.google.com
pixl97
on July 9, 2024
|
prev
[–]
Does Chrome do certificate pinning checking in this case?
gnaman
on July 10, 2024
|
parent
[–]
No it does not. Firefox does by default. But then again, you would need the user to install your cert. Good luck with that
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
