side-channel-attack example to modify/read private-fields through hijacked dom-inputs and XMLHttpRequest