That makes sense — if you’re monitoring from within the system and have access to files directly, that’s definitely a more robust way to detect changes.
But my use case is more external-facing.
So the only thing you can rely on is what the browser sees — HTML, DOM, JS. In that context, unexpected DOM changes (like a hidden login form reappearing, or a 403 turning into a 200) can be quite telling.
Ah of course, that makes sense then. What about dynamic DOM content though? Like content produced by PHP or similar. Is that filtered somehow or does this analysis expect static content?
But my use case is more external-facing.
So the only thing you can rely on is what the browser sees — HTML, DOM, JS. In that context, unexpected DOM changes (like a hidden login form reappearing, or a 403 turning into a 200) can be quite telling.
What do you think?