The plugin relies on a remote host, which makes it fundamentally insecure. No matter how well the code is written, all it takes is a man in the middle attack and the entire stack is compromised.
It would be better if the generated code was done on the server, and provided on the server like the boilerplate generators. Having a plugin to do it is opening up a security hole.
- The topic ‘Fundamentally Insecure’ is closed to new replies.