Thanks for posting this. I wouldn't have known otherwise of the attempt from the authors of the paper which this demo is based to introduce this vulnerability into Firefox[1]. Really leaves a sour taste in mouth from how irresponsible and unethical this was.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1618257

Indeed one shouldn't do something like this. I hope they realize their mistake :).

Also thanks for pointing this out, I haven't read that thread that closely, only remembered it being on the hn front page recently.

FTR it seems that Jonas Strehle, author of this Github repo, is not affliated with the authors.

Thanks for clarifying - I have also noticed the very doubtful action of the authors! But I can furthermore assure that I have nothing to do with the authors of the paper. ~ jonas

thank you for the clarification of no conflict.

Oh, this `favicon.ico` issues reminds me my old humorous article.[0]

[0] https://appsoft4fm.wordpress.com/2015/06/17/favicon-ico-mone...