I don't quite understand. If you already went to the trouble to set up a rouge SSL proxy on a network, can't you just silently inject content into the original response that would then run in the same origin context?<p>Surely I'm misunderstanding the meaning of SSL proxy. Can someone explain how such a thing works.